Howard Oakley on Booting the Mac

Howard Oakley has yet another new blog post on how Apple EFI works:

Booting the Mac: Will my Mac boot from this disk? A visual guide

There have been multiple recent blog posts on Apple EFI from this author! Eg:

Booting the Mac: the kernel and extensions

The whole purpose of the BootROM and EFI phases is to get to load and run the macOS kernel and its extensions, which is what boot.efi, the “OS X booter”, finally does. Although boot.efi doesn’t suddenly vanish, from here on it is very little needed.[…]

Booting the Mac: the kernel and extensions

mOSL: Bash script to audit and fix macOS High Sierra (10.13.x) security settings

Settings that can be audited/ fixed:

enable automatic updates
enable gatekeeper
enable firewall
enable admin password preferences
enable terminal secure entry
disable firewall builin software
disable firewall downloaded signed
disable ipv6
disable mail remote content
disable remote apple events
disable remote login
set airdrop contacts only
set appstore update check daily
check SIP
check kext loading consent
check EFI integrity
check filevault
check firmware password set


AppleSupportPkg: ApfsLDriverLoader, AppleLoadImage, AppleDxeImageVerificationLib

Open source apfs.efi loader based on reverse-engineered Apple’s ApfsJumpStart driver
Loads apfs.efi from ApfsContainer located on block device.
Apfs driver verbose logging suppressed.
Version system: connects each apfs.efi to the device from which it was retrieved
Supports AppleLoadImage protocol provides EfiBinary signature check
WARNING: Please load AppleLoadImage.efi right before ApfsDriverLoader, or just put it inside drivers64uefi folder of your Clover bootloader

Implementation of AppleLoadImage protocol discoverd in ApfsJumpStart Apple driver. This protocol installs in CoreDxe Apple’s firmware.
It provides safe EFI binary loading into memory by verifiyng it’s signature.
Also gives ability to use native ApfsJumpStart driver from Apple firmware
WARNING: ApplePartitionDriver needed

This library provides reverse-engineered Apple’s crypto signature algorithms.

Booting Secure [on Apple systems]

PS: A few articles on the new T2 processor as well:

The MacBook Pro’s T2 chip boosts enterprise security: Secure boot, even for Windows installations on a Mac

Apple: new/updated T2 chip and Secure Boot support articles

Re: and

the latter Apple support article on Secure Boot has been updated recently:

About Secure Boot

Mac computers that have the Apple T2 chip

Apple releases new systems with T2 chip and UEFI SecureBoot

Apple macOS 10.13.6: UEFI SecureBoot support for iMac Pro

Re: and

there is more info on Apple Secure Boot: