I'm wondering if you can eliminate some of them further.
Judging by the OpenCore documentation we shouldn't need EnableSafeModeSlide.
Rich (BB code):
EnableSafeModeSlide
Type: plist boolean
Failsafe: false
Description: Patch bootloader to have KASLR enabled in safe mode.
This option is relevant to the users that have issues booting to safe mode (e.g. by holding shift or using -x boot
argument). By default safe mode forces 0 slide as if the system was launched with slide=0 boot argument. This
quirk tries to patch boot.efi to lift that limitation and let some other value (from 1 to 255) be used. This quirk
requires ProvideCustomSlide to be enabled.
Note: The necessity of this quirk is determined by safe mode availability. If booting to safe mode fails, this option
can be tried to be enabled.
We shouldn't need ProvideCustomSlide either. It seems to scan the memmap and attempt to determine a working slide, and without passing it as a bootarg (and therefore leaking it to the OS), but if we're going to force slide=0 this should be able to be turned off.
Code:
ProvideCustomSlide
Type: plist boolean
Failsafe: false
Description: Provide custom KASLR slide on low memory.
This option performs memory map analysis of your firmware and checks whether all slides (from 1 to 255) can be
used. As boot.efi generates this value randomly with rdrand or pseudo randomly rdtsc, there is a chance of
boot failure when it chooses a conflicting slide. In case potential conflicts exist, this option forces macOS to use a
16
pseudo random value among the available ones. This also ensures that slide= argument is never passed to the
operating system for security reasons.
Note: The necessity of this quirk is determined by OCABC: Only N/256 slide values are usable! message
in the debug log. If the message is present, this option is to be enabled.
I don't know if you need SetupVirtualMap. The docs say it's for some firmwares that have early boot crashes and this fixes it. I don't need it in my case and I would think since we run the same board that you wouldn't either.
Code:
SetupVirtualMap
Type: plist boolean
Failsafe: false
Description: Setup virtual memory at SetVirtualAddresses.
Select firmwares access memory by virtual addresses after SetVirtualAddresses call, which results in early boot
crashes. This quirk workarounds the problem by performing early boot identity mapping of assigned virtual
addresses to physical memory.
Note: The necessity of this quirk is determined by early boot failures.
You had SetupVirtualMap and EnableSafeModeSlide on in all tests. I see you disabled ProvideCustomSlide in test 3 only and may be able to disable it again.
I know from using OpenCore that I don't need ForceExitBootServices and you only disabled it at the end. I wonder if this fixed something for you. I don't think I ever enabled it, as the docs seem to discourage using it unless necessary.
I would say we'll always need AvoidRuntimeDefrag and EnableWriteUnprotector to boot at all. I never turned AvoidRuntimeDefrag off as the docs say basically anything that isn't a real Mac or VMware should keep it on. I can't boot without EnableWriteUnprotector. DevirtualizeMmio is what frees us up some extra space (though oddly on actual OC I still need to turn iGPU off), so we should keep it.
QuirksProvideConsoleGopEnable I'm not sure of. It's implemented differently in OpenCore (a different config section), but I need the OpenCore equivalent to boot.
A test on my to do list is to see if I can figure out what quirk is implemented differently between OpenCore and OcQuirks where OcQuirks lets me boot reliably with iGPU but OpenCore doesn't.