MP 7,1 MacPro 7.1 - bootloader

[tonton_max]

Hello !

Does someone use a custom bootloader (ideally OpenCore) on it Mac Pro 7.1 ?

I have a macOS installed on the apple ssd and a Windows on a nvme drive.
I've tried to install several bootloaders on my Mac Pro 7.1 (OCLP, Refind Plus, Clover) and tried to tweak several options but I always have the same issue : first boot on macOS is OK, reboot with bootloader to Windows OK too, reboot to macOS with bootloader stucks on black screen.

My goal is to be able to choose between macOS and Windows at the boot time without pressing an option key at boot

Does someone have this kind of setup ?

 

[Dayo]

Reboot to macOS gets stuck.

Appears due to T2 chip restrictions that kick in for Mac OS after power cycles.
It is apparently only limited to Mac OS boot and not boots of other OS types.

Going back in via StartManager resets things for Mac OS boot as you found.
Please raise an issue on GitHub if you want this looked into for RefindPlus.

You may be able to set things up to always show StartManager on boot.
Command is "sudo nvram manufacturing-enter-picker=true". Works on cMP.

 

[tonton_max]

it works, but is there an option for a delay to allow an auto boot ?

 

[Dayo]

Is there a "delay-then-auto-boot" option?

I don't believe there is one offered by StartManager.
This is something 3rd-party boot managers provide.

 

[J-MI]

Hello !

Does someone use a custom bootloader (ideally OpenCore) on it Mac Pro 7.1 ?

I have a macOS installed on the apple ssd and a Windows on a nvme drive.
I've tried to install several bootloaders on my Mac Pro 7.1 (OCLP, Refind Plus, Clover) and tried to tweak several options but I always have the same issue : first boot on macOS is OK, reboot with bootloader to Windows OK too, reboot to macOS with bootloader stucks on black screen.

My goal is to be able to choose between macOS and Windows at the boot time without pressing an option key at boot

Does someone have this kind of setup ?

I use OpenCore on my Mac Pro 7.1. Works very fine

 

[d0sed0se]

I use OpenCore on my Mac Pro 7.1. Works very fine

Just out of curiosity, can I ask why?

 

[tonton_max]

I use OpenCore on my Mac Pro 7.1. Works very fine

is it possible to share your config.plist file ?

 

[startergo]

Appears due to T2 chip restrictions that kick in for Mac OS after power cycles.
It is apparently only limited to Mac OS boot and not boots of other OS types.

Going back in via StartManager resets things for Mac OS boot as you found.
Please raise an issue on GitHub if you want this looked into for RefindPlus.

You may be able to set things up to always show StartManager on boot.
Command is "sudo nvram manufacturing-enter-picker=true". Works on cMP.

I have just reinstalled my endeavourOS for T2 machines. After installation I realized it created another EFI partition and a boot loader inside:

diskutil list
/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *1.0 TB     disk0
   1:                        EFI EFI                     314.6 MB   disk0s1
   2:                 Apple_APFS Container disk1         500.0 GB   disk0s2
   3:                        EFI NO NAME                 1.0 GB     disk0s3
   4:           Linux Filesystem                         149.0 GB   disk0s5
   5:       Microsoft Basic Data BOOTCAMP                350.2 GB   disk0s4

EFI NO NAMEis where the endeavor boot manager is installed. It copied over the Windows EFI partition.
What is interesting now is that I can boot macOS from my original rEFInd boot loader installed in the EFI EFI partition in any combination. I can boot to Windows Bootcamp from it and later after reboot back to macOS without an issue. Go figure.

 

[startergo]

Replaced the rEFInd with latest RP and on the first boot it panicked (message: "if you don't remember password..."), then it rebooted to recovery I forced it to reboot and loaded through RP. This behavior is not present with the rEFInd attached. Must be a regression in the upstream code.
Looks like:

refind,0.14.0

 

[Dayo]

Must be a regression.

No regression and not rEFind related/specific. On that angle however, the issue has been raised on rEFind since 2019 at least ... long before v0.14.0. You can already workaround the issue on rEFInd/RefindPlus by using "firmware_bootnum" manual stanzas. This was added for this issue back in 2021 for v0.13.1.

The shortcoming with the workaround is that, apart from most users probably not knowing how to set it up, the firmware boot numbers can change with nvRAM resets and invalidate the stanzas. Working on an option that gets/sets the firmware boot number dynamically and then uses this. Was initially looking at leveraging BootKicker but dropped this as Mac OS specific but a broad church option is needed.

As an aside, I was wrong that it was particularly Mac OS related. It is just that other OS types do not show the issue on Macs because of how they are set up. That is, it shows up only with Mac OS on T2 Macs because the other OS are not running with full secureboot setups. BitLocker/SecureBoot Windows will behave the same way on Class 3+ UEFI PC. Presumably the same with similarly secured Linux.

On your results, these are most likely because you are on a laptop and the battery is still powering stuff through some reboot cycles. That is, a restart cycle does not necessarily mean there was a power cycle on a laptop.

 

[startergo]

On your results, these are most likely because you are on a laptop and the battery is still powering stuff through some reboot cycles. That is, a restart cycle does not necessarily mean there was a power cycle on a laptop.

The issue is present, but not on the particular rEFInd version especially after the second EFI creation.

 

[Dayo]

but not on the particular rEFInd version especially after the second EFI creation.

Well, there is no magic sauce in that particular version that was absent before and is absent after it.
I am 100% sure it will behave as expected on a desktop T2 unit. That is, after a definite power cycle.
Either way, whatever is going with that version is just a red herring. I suppose someone can test that.

 

[startergo]

Well, there is no magic sauce in that particular version that was absent before and is absent after it.
I am 100% sure it will behave as expected on a desktop T2 unit. That is, after a definite power cycle.
Either way, whatever is going with that version is just a red herring. I suppose someone can test that.

I can test it on my Mac mini T2.

 

[J-MI]

Just out of curiosity, can I ask why?

I have a Radeon RX9600 Xt and a Geforce RTX 4080 on my Mac Pro. Having OpenCore installed avoids wake up problems when I'm working on a Mac.

 

[J-MI]

is it possible to share your config.plist file ?

Sorry for taking so long to respond

 

[Dayo]

A workaround for this issue has been added to RefindPlus 0.14.1.AA.

The issue is that the boot "Chain of Trust" is broken after the SMC is reset. Such resets happen after a full power cycle such as after fully disconnecting power for up to 30 seconds. After such a reset, the Mac OS kernel will refuse to be loaded by a third party tool on a T2 chipped Mac even with things set to "No Security".

Things will start working again until the next reset after a trusted boot chain is used. An example of using a trusted boot chain is a native boot into Mac OS or Windows. This "feature" does not appear to have been documented and may well be a bug.

The RefindPlus workaround triggers a restart into the native boot chain for subject types.
Note this is a workaround as cannot manipulate the SMC as needed for a "proper" fix.
Disadvantage of the workaround is that an extra restart is triggered.

Activated for Mac OS alone by setting either "sync_trust macos" or "sync_trust macos verify".
The former immediately triggers the restart while the latter checks first.

The latter option is set up by MyBootMgr's ConfigFactory automatically on T2 chipped units.
You can also add either option as you prefer to a RefindPlus config file manually.

RefindPlus docs on this:

RefindPlus/config.conf-sample at cc453ffb73a1d593f87ce5169180e8aff3b8f430 · dakanji/RefindPlus

A Boot Manager for Mac and PC. Contribute to dakanji/RefindPlus development by creating an account on GitHub.

github.com

 

[startergo]

This "feature" does not appear to have been documented by Apple and may well be a bug.

It is only buggy with third party boot loaders. If you boot with the option key it loads the operating system. As far as Apple is concerned they may say that only Bootcamp is supported on the T2 Mac’s as an external boot. They also set as a requirement enabling full security before installing Bootcamp.