Asahi Linux M4 support hits a roadblock because of Apple Silicon changes

AppleInsider

The Asahi Linux project is having trouble bringing the operating system to M4 Macs, with some chip changes making working with the latest Apple Silicon models a lot tougher.

Asahi Linux logo and a Mac Studio

Asahi Linux is a project to make the Linux kernel work with Apple Silicon, so that Linux users can natively use modern Macs with Linux. After having success with M1 and M2 chips, the project is running into issues when trying to work with M4.

In a post to Mastodon on April 4, developer Sven Peter describes the work to add M4 support to Asahi Linux as "rather painful." This is in comparison to the challenges the project faced when it came to supporting M1 and M2.

The project, for the moment, is focusing on upstreaming M1 and M2 support, but it has started to look towards the M4 workload. Unfortunately, trying to run the m1n1 bootloader isn't working properly for some M4 users who have tried it, as Apple has changed something for the M4 generation.

Chip challenges

In describing the issue, Peter mentions how, when configuring a boot object, the environment is set where Apple's SPTM (Secure Page Table Monitor) is set to the GL2 register. The boot loader is supposed to communicate from EL2 (Exception Level 2) with the MMU (Memory Management Unit) enabled to set up pagetables.

The problem is that it doesn't work for Linux, Peter explains. It also doesn't help for running XNU, Apple's OS kernel, for reverse engineering purposes.

Configuring a raw boot object drops the process into EL2 with GL2, but with most of the Apple-specific extensions disabled. While this is OK for linux, it means XNU cannot be run under the project's hypervisor.

This is a bit of a roadblock for the project, and will make it considerably harder to enable M4 support to Asahi Linux in future. However, in a reply, Peter offers hope that a hijacking of XNU exception handlers and pagetable code could be a path forward.

There is no clear timetable for M4 support.



Read on AppleInsider

jfreedle2

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

22july2013

"The firmware ain't done until Linux won't run."

michelb76

jfreedle2 said:

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

It's not emulated, Asahi runs native. Apart from 'because they can', it also provides a very decent performance improvement compared to OSX for certain applications.

yyzguy

Is there any way to follow this discussion without posting?  I have nothing useful to contribute, but want to be notified when others post.   So this is what I’m doing unless there’s a better way.

unbeliever2

jfreedle2 said:

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

It's literally the opposite of emulated, and is in fact more "native" than running it in a virtual machine, since the whole point is to run Linux on "bare metal" (Apple silicon).

decoderring

jfreedle2 said:

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

As others have posted, Linux is running natively (an impressive engineering feat).

I switched to Linux from decades of using MacOS, and despite the inconveniences I’m very happy. Linux flies on my laptop, whereas MacOS has merely decent response times. There are many benefits to using Linux if you’re looking for them, but it’s clear that the majority of people are better served remaining on MacOS.

Still, I’m pretty happy to be able to run Linux natively on Apple hardware — the best of both worlds.

ajmas

For server grade applications, many people would chose Linux over MacOS or Windows. Being able to use Mac hardware (new or used) for this would be a nice feature. I just wished Apple would quietly assist the Asahi team, since it would theoretically allow for more hardware sales and a certain goodwill. 

neilm

ajmas said:

For server grade applications, many people would chose Linux over MacOS or Windows. Being able to use Mac hardware (new or used) for this would be a nice feature. I just wished Apple would quietly assist the Asahi team, since it would theoretically allow for more hardware sales and a certain goodwill. 

I too wish Apple would do that. While there's no direct commercial benefit in it for Apple, I think there's some good karma to be had, and for minimal resource expenditure.

ETA: On the other hand, Apple's whole boot security model has become pretty complex and obscure, at least as viewed from the outside. Its inner workings are not designed or intended to be public, and I imagine there's been no line drawn to demarcate what we're allowed to know from what we aren't. The line is more like a circle, with only Apple inside. So maybe the necessary resources to change and police that would not be minimal?

edited April 8

mpantone

One thing for certain, Apple will not loosen up the boot security model just to let Linux (or anyone else in). They set the precedence before the pandemic when they introduced the T2 Security Chip in the mac Mini 2018 and have been trending toward higher security since.

While I understand why some people are enthusiastic about running alternative operating systems on Macs, as a longtime Apple user and non-tinkering consumer, I have zero interest in supporting any sort of effort that would have Apple waver from the pillars of security and privacy. In fact, these Asahi Linux efforts are probably encouraging Apple to strengthen boot security and make it more difficult to access certain parts of the system (like the Secure Enclave). I don't want it to be easy. Nothing is impossible but I want it to be super duper, painfully hard.

Linux is great in some situations but I don't want people to be able to run it on a Mac. This is coming from a person who used to be a UNIX/Linux system administrator. There is plenty of hardware out there that can run Linux whether it be old Wintel boxes, new PC hardware, or other devices like Raspberry Pies. Hell, my Super NES Classic console runs Linux.

decoderring

mpantone said:

One thing for certain, Apple will not loosen up the boot security model just to let Linux (or anyone else in). They set the precedence before the pandemic when they introduced the T2 Security Chip in the mac Mini 2018 and have been trending toward higher security since.

While I understand why some people are enthusiastic about running alternative operating systems on Macs, as a longtime Apple user and non-tinkering consumer, I have zero interest in supporting any sort of effort that would have Apple waver from the pillars of security and privacy. In fact, these Asahi Linux efforts are probably encouraging Apple to strengthen boot security and make it more difficult to access certain parts of the system (like the Secure Enclave). I don't want it to be easy. Nothing is impossible but I want it to be super duper, painfully hard.

Linux is great in some situations but I don't want people to be able to run it on a Mac. This is coming from a person who used to be a UNIX/Linux system administrator. There is plenty of hardware out there that can run Linux whether it be old Wintel boxes, new PC hardware, or other devices like Raspberry Pies. Hell, my Super NES Classic console runs Linux.

I understand your concerns, and they’re valid.

They’re also why I’m leaving Apple and its closed systems. For years I accepted the security advantage, but it was before Apple decided to use all of your personal data to profile you and fill its products with advertisements. And Apple is far from done monetizing its users and further closing its systems to make it increasingly difficult — and in iOS impossible — to use its products without allowing Apple to track everything you install and use.

I don’t trust Apple as much as I used to.

danox

michelb76 said:

» show previous quotes

jfreedle2 said:

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

It's not emulated, Asahi runs native. Apart from 'because they can', it also provides a very decent performance improvement compared to OSX for certain applications.

 Linux is a loss cause on Apple Silicon like Microsoft Windows…..

danox

decoderring said:

» show previous quotes

mpantone said:

One thing for certain, Apple will not loosen up the boot security model just to let Linux (or anyone else in). They set the precedence before the pandemic when they introduced the T2 Security Chip in the mac Mini 2018 and have been trending toward higher security since.

While I understand why some people are enthusiastic about running alternative operating systems on Macs, as a longtime Apple user and non-tinkering consumer, I have zero interest in supporting any sort of effort that would have Apple waver from the pillars of security and privacy. In fact, these Asahi Linux efforts are probably encouraging Apple to strengthen boot security and make it more difficult to access certain parts of the system (like the Secure Enclave). I don't want it to be easy. Nothing is impossible but I want it to be super duper, painfully hard.

Linux is great in some situations but I don't want people to be able to run it on a Mac. This is coming from a person who used to be a UNIX/Linux system administrator. There is plenty of hardware out there that can run Linux whether it be old Wintel boxes, new PC hardware, or other devices like Raspberry Pies. Hell, my Super NES Classic console runs Linux.

I understand your concerns, and they’re valid.

They’re also why I’m leaving Apple and its closed systems. For years I accepted the security advantage, but it was before Apple decided to use all of your personal data to profile you and fill its products with advertisements. And Apple is far from done monetizing its users and further closing its systems to make it increasingly difficult — and in iOS impossible — to use its products without allowing Apple to track everything you install and use.

I don’t trust Apple as much as I used to.

If Apple was the company, you said they were Siri would be much further along, because one of the big reasons Apple may be running behind (I don’t think they are not when you do hardware and software under one roof). Apples path is different from the others in that they’re trying to design Apple Intelligence to not pry into everything on your computer and at the same operate on the edge instead of phoning home for answers, Microsoft, Google, and Meta don’t care, for them it’s full speed ahead connecting to that super computer back home which gives the impression of being ahead, also the way most people (the public) are currently acting in the marketplace they don’t seem to care about privacy either….. It’s going to be fun to see how each solution from the different companies Samsung/Google work when they’re not connected to the Internet to phone home.

Good luck with free pizza and beer Linux/Windows/Android?

edited April 11

spheric

unbeliever2 said:

» show previous quotes

jfreedle2 said:

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

It's literally the opposite of emulated, and is in fact more "native" than running it in a virtual machine, since the whole point is to run Linux on "bare metal" (Apple silicon).

Pretty sure he meant „emulated“ in the non-tech sense of „imitated“, as in „Linux imitates UNIX“. 

tiredskills

spheric said:

» show previous quotes

unbeliever2 said:

jfreedle2 said:

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

It's literally the opposite of emulated, and is in fact more "native" than running it in a virtual machine, since the whole point is to run Linux on "bare metal" (Apple silicon).

Pretty sure he meant „emulated“ in the non-tech sense of „imitated“, as in „Linux imitates UNIX“. 

Seems unlikely since they called out "native" as a contrast.  I think it more probable that they meant "emulated" in the literal technical sense, they were just wrong.

spheric

tiredskills said:

» show previous quotes

spheric said:

unbeliever2 said:

jfreedle2 said:

Not sure why anybody would want to run an emulated Unix instead of the certified Unix that is natively run as sold. Running Linux in virtual machines is more than good enough to use a Linux environment if required.

It's literally the opposite of emulated, and is in fact more "native" than running it in a virtual machine, since the whole point is to run Linux on "bare metal" (Apple silicon).

Pretty sure he meant „emulated“ in the non-tech sense of „imitated“, as in „Linux imitates UNIX“. 

Seems unlikely since they called out "native" as a contrast.  I think it more probable that they meant "emulated" in the literal technical sense, they were just wrong.

Except that isn’t just wrong; it makes no sense at all…(booting a computer on an emulated system?)

He literally called Linux an „emulated UNIX“. Which it actually is, historically — it’s a pretend-UNIX that does all the UNIX things without *being* UNIX (and the associated licensing etc).