View attachment 377425
Installing 3rd Party Kexts in /Library/Extensions
1. What Versions of MacOS does this guide cover ?
The methods detailed in this guide will work on the following versions of MacOS
- MacOS 10.11.X - El Capitan
- MacOS 10.12.X - Sierra
- MacOS 10.13.X - High Sierra
- MacOS 10.14.X - Mojave
- MacOS 10.15.X - Catalina
Note: If you are using
VirtualSMC in place of
FakeSMC then you should replace all instances of
FakeSMC mentioned in this guide with the
Lilu and
VirtualSMC kexts, some users have reported that it is necessary to use
LiluFriend to load
VirtualSMC early enough in the boot process - see
posts #7 to #13 for more info.
2. Where should I install 3rd Party Kexts ?
When using the Clover boot-loader there are two methods we can use for 3rd party kexts that are needed to run MacOS on non-Apple hardware.
1. You can copy all your 3rd party kexts to /EFI/Clover/Kexts/Other and allow Clover to Inject all the kexts by setting Clover -> System Parameters -> Inject Kexts to "Yes".
2. You can install all your 3rd Party kexts (including FakeSMC) in to /Library/Extensions (/L/E) which is the method that this guide will cover.
Which method you use is entirely personal choice, there are pros-and cons for each method which are discussed at length elsewhere in these forums.
3. Why should I use /Library/Extensions over Clover Injected kexts ?
- Injected Kexts live outside of "protected MacOS memory" *
- Injecting a large amount of kexts may result in an unstable system
- Some older 3rd party kexts do not work correctly when injected by Clover
- Injected Kexts are not included in the kernel cache and thus are excluded form MacOS error checking **
Notes:
* I use the term "protected MacOS memory" in this guide as a generic descriptive term. In reality kext's installed in /L/E are loaded into MacOS's kernel memory which is 'protected' (IE: segregated) form application memory and execution memory. Everything running in kernel memory (including kexts) is actively managed and monitored by MacOS wheres as injected kexts are not.
** Lilu and it's plug-in's have a built in method for debugging and logging which also work's if they are injected.
February 2020 kexts installed in /L/E miss-information.
There have been a few posts on this and other sites claiming that Apple has "clamped down" on non-authorised 3rd party kexts when installed in
/Library/Extensions (/L/E) with effect from mid-February 2020 ... this news has been interpreted wrongly with claims that installing 3rd party Hackintosh kexts in
/Library/Extensions (/L/E) on MacOS Catalina and later will result in MacOs refusing to load them and that you should use Clover to inject 3rd party kexts.
THIS IS NOT TRUE !
What Apple actually did is drop support for kexts that used some legacy MacOS security API methods.
None of the 3rd party kexts that we use to enable MacOS to run on non-Apple hardware (that I know of) use the legacy security API.
As of Catalina 10.15.5
All Hackintosh 3rd party kexts that I have been able to test work just as well as they always did when installed in /L/E with the caveat that the
BooterConfig and
CsrActiveConfig parameters in Clover's
RTVariables section are set to the correct values and that you use one of the kext install methods detailed in section 6 of this guide.
Of course you are free to choose which method you want to use, some users find it easier to use Clover injection as it's simply a case of copying them to the /EFI/Clover/kexts/other folder. I myself install all 3rd party kexts in
/Library/Extensions (/L/E) on all my Hackintosh system and everything works just fine.
4. Why does Clover have the Inject Kexts feature ?
The original reason that Clover supports injecting kexts is to load critical kexts required to run the following :-
- MacOS Installer
- MacOS Updater
- MacOS Recovery
Since none of the above are full operating systems it is not possible to easily
install the kexts we need so we use Clover to
inject the critical kexts we need before booting any of the above packages. Most users will only need
FakeSMC in
EFI/Clover/kexts/Other in order to run all of the above packages. Some users may need to add additional driver kexts in order to access 3rd party storage controllers or NAS based TimeMachine backups, laptop users may need to add a mouse or trackpad kext if they require mouse control when running Recovery.
Think very carefully about the kexts you
actually need in
EFI/Clover/kexts/Other ... you only need the absolute bare minimum to run the above packages.
Examples of Critical Kexts :-
- FakeSMC (or Lilu + VirtualSMC) is a basic necessity and must always be included in EFI/Clover/kexts/Other
- Some GPU's/IGPU's may need Lilu + WhatEverGreen kexts
- Ethernet driver if you need to restore a TimeMachine Backup in Recovery from a NAS
- VoodooPS2Controller on laptops so you can use keyboard and trackpad in recovery
Examples of Non-Critical Kexts :-
- Audio drivers (EG AppleALC)
- Bluetooth drivers
- Airport drivers
- FakeSMC Sensor plug-in's
If your in doubt as to if you need a particular kext (or not) first try with out it, the best test is to try to boot MacOS recovery (as long as it is installed) .. once you can boot MacOS recovery then your system will also be able to boot the MacOS Updater and Installer.
5. How does Clover know to Inject kexts or Not ?
You need to set Clover -> System Parameters -> Inject Kexts to "Detect"
With this setting, Clover will look for
FakeSMC (or Lilu + VirtualSMC) in
/Library/Extensions or the MacOS Kernel Cache when you select/boot MacOS, if '
detected' Clover
will not inject
any kexts and leave MacOS to
load all the 3rd party kexts (including
FakeSMC) from
/Library/Extensions (or the kernel cache).
If Clover
does not 'detect'
FakeSMC (or Lilu + VirtualSMC) in
/Library/Extensions or the MacOS Kernel Cache such as when booting Recovery or a MacOS update then Clover will inject all the kexts from the
EFI/Clover/kexts/Other folder.
6. How do I install kexts in /Library/Extensions ?
Important: Do not use Finder to copy kext's to /Library/Extensions as it will not correctly install the kext(s)
Prerequisites :-
First we need to make sure that MacOS is allowed to load unsigned kexts/drivers by setting
BooterConfig and
CsrActiveConfig in Clover's
RTVariables section to the correct values.
Code:
<key>RtVariables</key>
<dict>
<key>BooterConfig</key>
<string>0x28</string>
<key>CsrActiveConfig</key>
<string>0x67</string>
.
.
.
</dict>
You can also set these values in the
RTVariables section of Clover Configurator :-
Note: A very few users have reported that due to a rare SIP bug in early release versions of Catalina it was necessary to enable SIP to install kexts into /L/E ..... if you find you are unable to install Kexts into /L/E in Catalina using the methods below then try setting
CsrActiveConfig to 0x0 and install the kexts as detailed below then once installed reset
CsrActiveConfig to 0x67. The issue was resolved by Apple with the Catalina 10.15.4 update.
The Hackintool Method
Prerequisites: Make sure you have the latest version of
Hackintool installed
Tip: If you have a lot of kexts to install then it easer to copy them all to a common folder.
Run Hackintool and click the "
Utilities" icon on the upper in-app menu (used to be "Tools" in previous versions)
Now click on the "
Install Kexts(s)" icon on the lower menu
View attachment 405214
Navigate to the folder you want to install the kext(s) from and select (CMD-Click) the ones you want to install so that they are highlighted, then click on "
Select".
View attachment 405218
Hackintool will now prompt you for your admin/system password
View attachment 451079
Hackintool will now ask where you want to install the kexts to, it defaults to /L/E so just click on "Select Destination"
View attachment 451076
If you are running MacOS Catalina (or later), Hackintool will ask if you want to Disable Gatekeeper and mount the system drive in Read/Write mode ... Click on "OK" (
Note: Gatekeeper will be automatically re-enabled and the system drive flagged as read only on the next system reboot).
View attachment 451078
Hackintool will now install the selected kexts into /L/E, repair all kext permissions and rebuild the kext caches :-
View attachment 405215
Once it's finished you should see something like the following :-
View attachment 405216
Thats it .. job done ... don't worry that the output is red .. thats completely normal, you should now reboot your system to load the newly installed kexts.
_____________________________________
Terminal/Console Method :-
For MacOS Catalina Only:
Before installing Kexts you must first disable Gate Keeper and mount the System Partition as Read/Wriet.
Enter the following commands in terminal, one at a time :-
Code:
sudo spctl --master-disable
sudo mount -uw
sudo killall Finder
For All MacOS versions :
Using Finder, create a folder on your desktop, copy all the kexts you want to install into it.
- Open Terminal and change the active path to the folder you created in step 1 using the "CD" command.
- Install the Kexts into /Library/Extensions using the following command :-
Code:
sudo cp -R *.kext /Library/Extensions
4. To repair permissions and rebuild the caches enter the following commands one at a time :-
Code:
sudo chown -v -R root:wheel /System/Library/Extensions
sudo touch /System/Library/Extensions
sudo chmod -v -R 755 /Library/Extensions
sudo chown -v -R root:wheel /Library/Extensions
sudo touch /Library/Extensions
sudo kextcache -i /
The above command set is a belt and braces approach (mimics what Hackintool and Kext Utility does) and should make sure that there are no problems with any file persimmons on the system kexts (in /S/L/E) and the 3rd party kexts (in /L/E).
Once finished reboot your system.
7. Updating Kexts
If you need to update one or more kexts then use
Finder to the delete just the kexts you want to update (
do not select all/delete all) from
/Library/Extensions and then install the new versions using one of the methods detailed in section 7 of this guide.
Note: Catalina users should first run Hackingtool and click on the icon in the tools section to disable Gatekeeper and mount the System drive in Read/Write, then you can delete the kexts you want to update and then use Hackintool to install the updated kext(s).
To update kexts in
EFI/Clover/kexts/Other simply use
Finder to copy and paste the new kexts and select "Replace" when prompted.
8. Deleteting Kexts
If you need to delete one or more kexts, simply navigate to /L/E in
Finder, select the kext(s) you no longer need and select
Move to Trash in the context menu (right click).
Note: Catalina users should first run Hackingtool and click on the icon in the tools section to disable Gatekeeper and mount the System drive in Read/Write, then you can delete the necessary kexts.
Then run Hackingtool and use the "
Repair Permissions and Rebuild Caches" feature on the
Tools page :-
View attachment 406069
Alternatively you can run Kext Utility or execute the Terminal commands to repair permissions and rebuild the caches (see Section-7 above).
9. Summary
1. Copy FakeSMC and only critical kext's needed to run the MacOS Installer, Updater or Recovery to EFI/Clover/kexts/Other
2. Install all 3rd party kexts (including FakeSMC) required to run MacOS in /Library/Extensions
3. Set Clover -> System Parameters -> Inject Kexts to "Detect"
