Contribute
Register

[GUIDE] Installing 3rd Party Kexts - El Capitan, Sierra, High Sierra, Mojave, Catalina

View attachment 377425
Installing 3rd Party Kexts

1. What Versions of MacOS does this guide cover ?

The methods detailed in this guide will work on the following versions of MacOS
  • MacOS 10.11.X - El Capitan
  • MacOS 10.12.X - Sierra
  • MacOS 10.13.X - High Sierra
  • MacOS 10.14.X - Mojave
  • MacOS 10.15.X - Catalina
Note: If you are using VirtualSMC in place of FakeSMC then you should replace all instances of FakeSMC mentioned in this guide with the Lilu and VirtualSMC kexts, additionally some users have reported that it is necessary to use LiluFriend to load VirtualSMC early enough in the boot process - see posts #7 to #13 for more info.



2. Where should I install 3rd Party Kexts ?

You should install all 3rd Party kexts (including FakeSMC) to /Library/Extensions (/L/E)
Warning: you can not simply use Finder to copy kexts into /L/E (see Section 7 below)



3. What about EFI/Clover/kexts/Other ?

It seems that many users are under the impression that you can simply copy all 3rd Party Kexts into EFI/Clover/kexts/Other and allow Clover to Inject the kexts by setting Clover -> System Parameters -> Inject Kexts to "Yes" which will result in a maintenance free and more native MacOS install.

This assumption is completely wrong ...



4. Why should I use /Library/Extensions over Clover Injected kexts ?

Contrary to Hackintosh myth, having Clover inject all the 3rd party kexts does not result in a cleaner install, in fact the exact opposite is true.
  • Injected Kexts live outside of "protected MacOS memory" *
  • Injecting a large amount of kexts can result in an unstable system.
  • Many 3rd party kexts will not work correctly when injected by Clover.
  • Injected Kexts are not included in the kernel cache and thus are excluded form MacOS error checking.
  • Installing kexts in /Library/Extensions is the Apple endorsed and recommended location for all 3rd Party kexts.
If you purchase a piece of hardware that requires the installation of a manufactures MacOS driver, the kexts will be installed in /Library/Extensions so why treat hackingtosh kexts any different ?

* Note: I use the term "protected MacOS memory" in this guide as a generic descriptive term. In reality kext's installed in /L/E are loaded into MacOS's kernel memory which is 'protected' (IE: segregated) form application memory and execution memory. Everything running in kernel memory (including kexts) is actively managed and monitored by MacOS.



5. If thats true why does Clover even have this feature ?

The main reason that Clover supports injecting kexts is to load critical kexts required to run the following :-
  • MacOS Installer
  • MacOS Updater
  • MacOS Recovery
Since none of the above are full MacOS operating systems it is not possible to install the kexts we need to run them so we use Clover to inject the critical kexts we need before running them. Most users will only need FakeSMC in EFI/Clover/kexts/Other in order to run all of the above packages. Some users may need to add additional driver kexts in order to access 3rd party storage controllers or NAS based TimeMachine backups, laptop users may need to add a mouse or trackpad kext if they require mouse control when running Recovery.

Think very carefully about the kexts you actually need in EFI/Clover/kexts/Other ... you only need the absolute bare minimum to run the above packages.



6. How does Clover know to Inject kexts or Not ?

You need to set Clover -> System Parameters -> Inject Kexts to "Detect"

With this setting, Clover will look for FakeSMC in /Library/Extensions or the MacOS Kernel Cache when you select/boot MacOS, if 'detected' Clover will not inject any kexts and leave MacOS to load all the 3rd party kexts (including FakeSMC) from /Library/Extensions (or the kernel cache) which is the preferred and recommended method for all the reasons stated in section 4. of this guide.

If Clover does not 'detect' FakeSMC in /Library/Extensions or the MacOS Kernel Cache such as when booting Recovery or a MacOS update then Clover will inject all the kexts from the EFI/Clover/kexts/Other folder.

Note: It is also possible to set Clover -> System Parameters -> Inject Kexts to either "No" or "Yes", these values should be considered as debugging settings, if set to "No" then Clover will never Inject any kexts and thus you will be unable to run Recovery or any MacOS Updates. If Set To "Yes" then Clover will Inject all kexts in EFI/Clover/kexts/Other regardless of any other condition, this can obviously cause problems if you have duplicate kexts in /Library/Extensions as these kexts will be loaded twice which can be especially problematic if you have different versions in the two locations.



7. How do I install kexts in /Library/Extensions ?

Important: Do not use Finder to copy kext's to /Library/Extensions as it will not correctly install the kext(S)

Prerequisites :-

First we need to make sure that MacOS is allowed to load unsigned kexts/drivers by setting BooterConfig and CsrActiveConfig in Clover's RTVariables section to the correct values.

Code:
<key>RtVariables</key>
    <dict>
        <key>BooterConfig</key>
        <string>0x28</string>
        <key>CsrActiveConfig</key>
        <string>0x67</string>
        .
        .
        .
    </dict>


You can also set these values in the RTVariables section of Clover Configurator :-

386314


Note: With MacOS Catalina 10.15.X Apple has moved MacOS on to its own system partition which is normally read only, as such installing kexts into /L/E is a little more complex than it was in previous versions of MacOS. Luckily @headkaze has already added Catalina support to Hackintool for installing kexts and rebuilding the kernel cache, if your running MacOS Catalina then you should stick to the Hackintool method described below.

The Hackintool Method

Prerequisites:
Make sure you have the latest version of Hackintool installed

Tip: If you have a lot of kexts to install then it easer to copy them all to a common folder (if not already).

Run Hackintool and click on the "Tools" icon on the upper in-app menu.

Catalina only: On the lower in-app menu bar click on the icon to "Disable Gatekeeper" and mount the System drive in Read/Write mode, You will be prompted to enter your system/admin password :-

View attachment 413364


For all versions of MacOS: Now click on the "Install Kexts(s)" icon on the lower menu

View attachment 405214
Navigate to the folder you want to install the kext(s) from and select (CMD-Click) the ones you want to install so that they are highlighted, then click on "Select".

View attachment 405218

If prompted enter your admin/system password, Hackintool will now install the selected kexts into /L/E, repair all kext permissions and rebuild the kext caches :-

View attachment 405215
Once it's finished you should see something like the following :-

View attachment 405216

Thats it .. job done ... don't worry that the output is red .. thats completely normal, you should now reboot your system to load the newly installed kexts.

_____________________________________

Legacy Easy Method :-

Note:
This method will not work with MacOS Catalina.

Download KextBeast which is available in the downloads section, copy all the kext's you want to install onto the desktop and run the KextBeast pkg file, click on Continue a few times, enter your admin password when prompted and accept the usual notices until you get the option to select the install target. Select /Library/Extensions and click on Continue.

View attachment 406002
KextBeast will install the kext's that you placed on the desktop into the target Extensions folder. Once Kext Beast has done its work it will offer you the option of keeping the pkg or deleting it. I generally click on "keep" as i'm always trying new and different versions of kext's and KextBeast is a quick and easy way to do the job.

Note: Do not install kexts into /System/Library/Extensions unless you are running a version of MacOS earlier than El-Capitan as it will cause SIP (System Integrity Protection) issues.

Once Kext Beast has finished I recommend running version 2.6.6 of cVad's Kext Utility (click here to download) which will repair any broken kext permissions and rebuild the caches. Simply run the app and enter your admin password when prompted, then wait while Kext Utility does it's work, it will take a while (approx 40 seconds) ... you will know when it's finished once you see "Quit" in black text at the bottom of the app window.

View attachment 406003
Warning: Do not use Kext Utility to install a kext as it does not support installing kext's into /Library/Extensions, it does however do a very good job of repairing all kext permissions and rebuilding the caches.

Once Kext Utility has finished reboot your system.

_____________________________________

Terminal/Console Method :-

Note:
This method will not work with MacOS Catalina.
  1. Using Finder, create a folder on your desktop, copy all the kexts you want to install into it.
  2. Open Terminal and change the active path to the folder you created in step 1 using the "CD" command.
  3. Install the Kexts into /Library/Extensions using the following command :-
Code:
sudo cp -R *.kext /Library/Extensions


4. To repair permissions and rebuild the caches enter the following commands one at a time :-​

Code:
sudo chown -v -R root:wheel /System/Library/Extensions
sudo touch /System/Library/Extensions
sudo chmod -v -R 755 /Library/Extensions
sudo chown -v -R root:wheel /Library/Extensions
sudo touch /Library/Extensions
sudo kextcache -i /


The above command set is a belt and braces approach (mimics what Hackintool and Kext Utility does) and should make sure that there are no problems with any file persimmons on the system kexts (in /S/L/E) and the 3rd party kexts (in /L/E).

Once finished reboot your system.



8. Updating Kexts

If you need to update one or more kexts then use Finder to the delete just the kexts you want to update (do not select all/delete all) from /Library/Extensions and then install the new versions using one of the methods detailed in section 7 of this guide.

Note: Catalina users should first run Hackingtool and click on the icon in the tools section to disable Gatekeeper and mount the System drive in Read/Write, then you can delete the kexts you want to update and then use Hackintool to install the updated kext(s).

To update kexts in EFI/Clover/kexts/Other simply use Finder to copy and paste the new kexts and select "Replace" when prompted.



9. Deleteting Kexts

If you need to delete one or more kexts, simply navigate to /L/E in Finder, select the kext(s) you no longer need and select Move to Trash in the context menu (right click).

Note: Catalina users should first run Hackingtool and click on the icon in the tools section to disable Gatekeeper and mount the System drive in Read/Write, then you can delete the necessary kexts.

Then run Hackingtool and use the "Repair Permissions and Rebuild Caches" feature on the Tools page :-

View attachment 406069
Alternatively you can run Kext Utility or execute the Terminal commands to repair permissions and rebuild the caches (see Section-7 above).



10. Summary

1. Copy FakeSMC and only critical kext's needed to run the MacOS Installer, Updater or Recovery to EFI/Clover/kexts/Other
2. Install all 3rd party kexts (including FakeSMC) required to run MacOS in /Library/Extensions
3. Set Clover -> System Parameters -> Inject Kexts to "Detect"​

Many thanks! @jaymonkey, Just login to say thanks for the summary. There's a saying: " instead of giving people fish, better to teach them fishing!" I have always been in big favor of reading such in-depth tutorial in order to get me deeper understanding how to make perfect/flawless *hackmac*...

back to topic: Installing 3rd party kexts into /L/E instead of S/L/E, I wonder what are other benefits besides order/discipline and maintain system integrity? secondly, if I have already the set of FakeSMC and the sensors kext in EFI/.../Clover/.../other/, do I still need to have some those kexts also in /L/E? why please..
 
Installing 3rd party kexts into /L/E instead of S/L/E, I wonder what are other benefits besides order/discipline and maintain system integrity?


@Cabriolet,

You should not install any kexts in /S/L/E for MacOS El Capitan onwards as it will break system integrity .. only MacOS system kexts live in /S/L/E and 3rd party kexts should be installed in /L/E.

secondly, if I have already the set of FakeSMC and the sensors kext in EFI/.../Clover/.../other/, do I still need to have some those kexts also in /L/E? why please..


If you have set Clover -> System Parameters -> Inject Kexts to "Detect" (as the guide states) then yes, you should install all your needed 3rd party kexts including FakeSMC and any supporting sensor plugin kexts in /L/E.

Cheers
Jay
 
Last edited:
Did some testing of putting Kexts in Clover/Other or /Library/Extensions on a simple build with WEG, AppleALC, Lilu, USBInjectAll. Keeping FakeSMC in both places and then trying combinations of of kexts in either one or the other places and allways with kexts set to "detect", and found that they worked, ie. no matter where the kexts were, they were loaded and seemed to operate the same - Except when Lilu was in /L/E and WEG was in /other, when the machine wouldn't boot. Left it with only FakeSMC in /Other.
 
Did some testing of putting Kexts in Clover/Other or /Library/Extensions on a simple build with WEG, AppleALC, Lilu, USBInjectAll. Keeping FakeSMC in both places and then trying combinations of of kexts in either one or the other places and allways with kexts set to "detect", and found that they worked, ie. no matter where the kexts were, they were loaded and seemed to operate the same - Except when Lilu was in /L/E and WEG was in /other, when the machine wouldn't boot. Left it with only FakeSMC in /Other.


@nicksoph,

If you have set Clover -> System Parameters -> Inject Kexts to "Detect" and you have FakeSMC in /L/E then Clover will never inject any kexts when booting MacOS ... it will only inject them when booting Recovery, MacOS Installer or MacOS Update which is what the guide recommends.

Thats why when you put WEG in /Other it did not work.

Cheers
Jay
 
@jaymonkey - Im doing something wrong testing this. I want to stop. Tested again using usbinjectall only in /other (not in /l/e) and get all my usb ports, despite 'detect' being set and all the other kexts in /L/E.
 
@jaymonkey - Im doing something wrong testing this. I want to stop. Tested again using usbinjectall only in /other (not in /l/e) and get all my usb ports, despite 'detect' being set and all the other kexts in /L/E.


@nicksoph,

Not really sure what your actually testing ... I have the USBInjectAll.kext only in /L/E on all my Hacks and it works just fine. RehabMan himself states that the kext should be installed in /L/E on the instructions on his GitHub page :-

Rehabman's USBInjectAll GitHub Page said:
Install via Terminal:

Code:
sudo cp -R Release/USBInjectAll.kext /Library/Extensions
sudo touch /System/Library/Extensions && sudo kextcache -u /


Cheers
Jay
 
Last edited:
Just trying to find out what happens and can see my experience does not match what is being said by the people who know how these things work.
"...in /L/E then Clover will never inject any kexts when booting MacOS..." seems not to be true when I tested it with USBInjectAll. My machine has ports which require USBInjectAll and they work despite the kext being alone with fakesmc in /other and not in /l/e where all the other kexts are but I may be missing something. When/if you find yourself able to test, please do and if it does behave as you say then I know it's just me doing something wrong and I can live with that.
 
Last edited:
"...in /L/E then Clover will never inject any kexts when booting MacOS..." seems not to be true when I tested it with USBInjectAll. My machine has ports which require USBInjectAll and they work despite... but I may be missing something. When/if you find yourself able to test, please do and if it does behave as you say then I know it's just me doing something wrong and I can live with that.


@nicksoph,

Are you sure you rebuilt the kext cache after removing USBInjectAll from /L/E, if not then it will still in the kext cache ...

A useful test is to execute the following command in terminal :-

Code:
sudo kextcache -i /

This will force a rebuild of the kext cache and show the paths of all the kext's in the cache :-

Screenshot 2019-07-04 at 17.15.20.png

Look for the USBInjectAll.kext .. it will confirm if its included in the kextcache or not.

Cheers
Jay
 
I'm sure I did NOT - thanks for your patience. Sorry to have wasted your time.


@nicksoph,

There is always usually a reason :) .. put it down as a learning exercise ...
And remember that everyday is a school day in the Hackingtosh world ...

Cheers
Jay
 
Last edited:
Back
Top