
Add support for macOS Sonoma 14.3.1 on Apple Silicon

piperswe opened this issue · 3 comments

Here is the identityservicesd binary from 23D60 for Apple Silicon:

I made the grave mistake of updating macOS just before setting up Beeper, hopefully this can get updated to support 14.3.1.

Same issue, frustratingly my UTM VM is on a too early version of Monterey to use the commandline tool.. But thankfully my Intel hackintosh VM on Sonoma worked...

Here is the identityservicesd binary from 23D60 for Apple Silicon:

⇒ sha256sum ./samples/macos-14.3.1-23D60-sonoma-identityservicesd
d3c6986fefcbd2efea2a8a7c88104bf22d60d1f4f2bbf3615a1e3ce098aba765  ./samples/macos-14.3.1-23D60-sonoma-identityservicesd

Using my script from:

⇒ ./ samples/macos-14.3.1-23D60-sonoma-identityservicesd

-= Universal Binary Sections =-
Architecture 0 (x86_64):
  CPU Type: 16777223 (0x1000007)
  CPU Subtype: 3 (0x3)
  CPU Subtype Capability: 0 (0x0)
  Offset: 0x4000 (Valid Mach-O Header: Yes)
  Size: 8820512
  Align: 14
Architecture 1 (arm64e):
  CPU Type: 16777228 (0x100000c)
  CPU Subtype: 2 (0x2)
  CPU Subtype Capability: 128 (0x80)
  Offset: 0x870000 (Valid Mach-O Header: Yes)
  Size: 9796976
  Align: 14

-= Found Symbol Offsets =-
Offset of _IDSProtoKeyTransparencyTrustedServiceReadFrom in architecture x86_64: 0x0d47c9
Offset of _IDSProtoKeyTransparencyTrustedServiceReadFrom in architecture arm64e: 0x0bd81c

-= Found Hex Offsets (with pure python fixed sequence search + regex) =-
Architecture 0 (x86_64):
  IDSProtoKeyTransparencyTrustedServiceReadFrom: 0xd47c9
  NACInitAddress: 0x54c6d0
  NACKeyEstablishmentAddress: 0x52c710
  NACSignAddress: 0x53fa00
Architecture 1 (arm64e):
  IDSProtoKeyTransparencyTrustedServiceReadFrom: 0xbd81c; 0x2ef2d0; 0x31c2d4; 0x333754
  NACInitAddress: 0x4b5580
  NACKeyEstablishmentAddress: 0x4a2de4
  NACSignAddress: 0x47cff0

Looking in the offsets code file, the sha256 hash for this file matches the one already recorded for macOS 14.3, suggesting it's already supported:

// macOS 14.3
hexToByte32("d3c6986fefcbd2efea2a8a7c88104bf22d60d1f4f2bbf3615a1e3ce098aba765"): offsets_14_3,

Confirming this, looking at those offsets for offsets_14_3, they match what my script above identified:

var offsets_14_3 = imdOffsetTuple{
x86: imdOffsets{
ReferenceSymbol: "IDSProtoKeyTransparencyTrustedServiceReadFrom",
ReferenceAddress: 0x0d47c9,
NACInitAddress: 0x54c6d0,
NACKeyEstablishmentAddress: 0x52c710,
NACSignAddress: 0x53fa00,
arm64: imdOffsets{
ReferenceSymbol: "IDSProtoKeyTransparencyTrustedServiceReadFrom",
ReferenceAddress: 0x0bd81c,
NACInitAddress: 0x4b5580,
NACKeyEstablishmentAddress: 0x4a2de4,
NACSignAddress: 0x47cff0,

These were updated in the following PR from Jan 24, which predates this issue being opened by almost a month:

@tulir This issue can be closed.