Linux is now 'fully usable' on Apple Silicon M1 Macs

Posted:
in General Discussion edited January 2021
Security researchers at Corellium have ported a version of Linux to the Apple Silicon M1 chip that will ultimately be released under an open-source license.

Credit: Chris Wade/Corellium
Credit: Chris Wade/Corellium


The Linux version is a full Ubuntu desktop operating system booted from a USB, according to Corellium Chief Technology Officer Chris Wade. Although details are scarce, he said that Linux is now "completely usable" on Apple Silicon machines.

Network compatibility is possible through a USB-C dongle, and the current update to the platform will support USB, I2C, and DART. The Ubuntu operating system is one initially meant for the ARM-based Raspberry Pi, Wade added.

Linux is now completely usable on the Mac mini M1. Booting from USB a full Ubuntu desktop (rpi). Network works via a USB c dongle. Update includes support for USB, I2C, DART. We will push changes to our GitHub and a tutorial later today. Thanks to the @CorelliumHQ team pic.twitter.com/uBDbDmvJUG

-- Chris Wade (@cmwdotme)


There are some limitations to the port. While it can take full advantage of the M1 CPU, it won't support GPU acceleration. That means graphics are currently set to software rendering mode, which will mean much slower graphical performance versus native performance in macOS.

The Corellium team first teased the Linux port to Apple Silicon earlier in January, though offered few other details. Earlier versions of the port on Github were for "advanced users only," since they lacked support for USB and other key systems.

We had some spare time today so we ported Linux to the M1. Releasing tomorrow #fridayfun pic.twitter.com/dCrXApyKef

-- Corellium (@CorelliumHQ) January 16, 2021


Members of the team that developed the checkra1n jailbreak for iPhone devices also worked on the Linux port, including security researchers Longhorn and qwertyoruiopz. On Friday, Longhorn said that the Linux port is "very promising," but noted that more invasive kernel changes would be needed because the system-on-chip is "atypical."

Wade also noted that users may be able to boot Linux on an Apple Silicon chip using pongoOS, which is a pre-boot execution environment built on top of checkra1n. The checkra1n jailbreak itself takes advantage of the checkm8 exploit that was discovered in 2019.

On Jan. 16, qwertyoruiopz tweeted several images of pongoOS booting on an M1 Mac.

fully booting now! thanks to @CorelliumHQ and @never_released for assistance pic.twitter.com/lpszsBrjBH

-- qwertyoruiop (@qwertyoruiopz)


Corellium is a software virtualization firm focused on emulating ARM-based technologies. The firm is also known for its legal battle with Apple. The Cupertino tech giant levied a copyright infringement lawsuit against Corellium in 2019 because of its iOS emulation software. In December 2020, Apple lost that lawsuit.

As of writing, Corellium has pushed the latest changes to the Linux for M1 port to its Github account. Wade also said that a tutorial would be arriving on Friday.

Comments

  • Reply 1 of 13
    zimmiezimmie Posts: 651member
    I wonder how they are able to load the kernel image at all. The tutorial should answer, but from the mention of pongoOS, I suspect they are exploiting some flaw in the secure boot process itself to load an arbitrary image and pass execution to it.

    Reading through the commit for DART support, it looks like Apple did indeed design their own IOMMU core rather than using ARM's reference SMMU.
  • Reply 2 of 13
    zimmie said:
    I wonder how they are able to load the kernel image at all. The tutorial should answer, but from the mention of pongoOS, I suspect they are exploiting some flaw in the secure boot process itself to load an arbitrary image and pass execution to it.

    Reading through the commit for DART support, it looks like Apple did indeed design their own IOMMU core rather than using ARM's reference SMMU.
    Apple opened up the tooling to load custom kernels on Apple Silicon.
    jdb8167
  • Reply 3 of 13
    Awesome news.
    elijahgrinosaurBeats
  • Reply 4 of 13
    wood1208wood1208 Posts: 2,904member
    One good news after other for "M" Macs.
    Beats
  • Reply 5 of 13
    'usable' is to me, a slightly ambiguous term.
    It is one thing to boot a USB image but real usability for me is when you can install the Linux software on the internal Storage and then boot from it.

    Still, it is early days yet.
    mark fearingrinosaurwatto_cobra
  • Reply 6 of 13
    Yeah, it doesn’t seem all that robust and ‘useable’ as in, one can actually use it and would want to without a series of external images being loaded. 
    watto_cobra
  • Reply 7 of 13
    zimmiezimmie Posts: 651member
    zimmie said:
    I wonder how they are able to load the kernel image at all. The tutorial should answer, but from the mention of pongoOS, I suspect they are exploiting some flaw in the secure boot process itself to load an arbitrary image and pass execution to it.

    Reading through the commit for DART support, it looks like Apple did indeed design their own IOMMU core rather than using ARM's reference SMMU.
    Apple opened up the tooling to load custom kernels on Apple Silicon.
    When was that? Last I heard (end of November), they said you could boot any signed version of macOS, but that they would not support booting other operating systems directly on the hardware. They said everything had to run through the hypervisor framework.
    watto_cobra
  • Reply 8 of 13
    zimmie said:
    zimmie said:
    I wonder how they are able to load the kernel image at all. The tutorial should answer, but from the mention of pongoOS, I suspect they are exploiting some flaw in the secure boot process itself to load an arbitrary image and pass execution to it.

    Reading through the commit for DART support, it looks like Apple did indeed design their own IOMMU core rather than using ARM's reference SMMU.
    Apple opened up the tooling to load custom kernels on Apple Silicon.
    When was that? Last I heard (end of November), they said you could boot any signed version of macOS, but that they would not support booting other operating systems directly on the hardware. They said everything had to run through the hypervisor framework.

    Fidonet127watto_cobrajdb8167
  • Reply 9 of 13
    zimmiezimmie Posts: 651member
    Interesting. The 11.2 beta release notes don't say anything about that (they really don't say anything at all). The relevant changes also don't seem to be present on amd64.

    I'm not going to buy a Mac which can only run macOS, but the M1 Macs are interesting, so I have been following their official statements and prerelease information. Good to know they seem to be improving the situation internally, even if they aren't telling anybody about it.
  • Reply 10 of 13
    zimmie said:
    I'm not going to buy a Mac which can only run macOS, but the M1 Macs are interesting, so I have been following their official statements and prerelease information. Good to know they seem to be improving the situation internally, even if they aren't telling anybody about it.
    A usable Linux install is a long way away still. The Corellium update is more of a proof of concept than a usable system. Drivers are still going to be a nightmare to reverse engineer without Apple's help.
  • Reply 11 of 13
    zimmiezimmie Posts: 651member
    jdb8167 said:
    zimmie said:
    I'm not going to buy a Mac which can only run macOS, but the M1 Macs are interesting, so I have been following their official statements and prerelease information. Good to know they seem to be improving the situation internally, even if they aren't telling anybody about it.
    A usable Linux install is a long way away still. The Corellium update is more of a proof of concept than a usable system. Drivers are still going to be a nightmare to reverse engineer without Apple's help.
    I wouldn't want to use Linux anyway. systemd is so poorly designed that it isn't salvageable, but now it's mandatory for most maintained Linux distributions. Not a fan of Windows, but it could be a decent option after Apple cuts off support for the M1. The OS I would prefer to run is FreeBSD, though.

    Now that I know where to look, the consensus seems to be that Apple is adding explicit support for booting non-Apple kernels. This gives me a fair amount of confidence Apple's "You can boot any version of macOS!" statements so far are like the "You can run web applications!" on the original iPhone: a compromise to get the things out the door at all, while they work on a proper way to do it for later release. Anybody paying attention during the iPhoneOS 1 days knew native applications were coming. Jailbreakers watched as Apple reorganized the APIs in major ways. This is a signal that similar work is happening on the M1 boot process.
  • Reply 12 of 13
    Could someone who has this go into python and try to install PyAudio package? The command should be "pip install PyAudio" or "sudo apt-get install portaudio19-dev python-pyaudio."
Sign In or Register to comment.