Contribute
Register

[Solved] NVIDIA Web Driver iBooks Bug

Status
Not open for further replies.
UtterDisbelief said:
I was a little daring though and have installed it in EFI/CLOVER/kexts/Other instead. However, if that causes problems, I can always move it to /Library/Extensions.
Click to expand...

I have not tested that configuration, but can't think of a reason why it shouldn't work. If you don't experience issues that there's no need to change your setup. Note that your setup will cause the kext to load on installation disks and recovery mode too, which might not be what you want.

D-vise said:
Thank you so much! It works perfectly for me.

From the bare source code I could not understand how it works. Would it be possible to build a live switch for this?
Click to expand...

It's possible; the kext already supports unloading and removes its patches when you unload it. Thus, type "kextunload /Library/DisableLibraryValidation.kext" to disable the patch, and "kextutil /Library/DisableLibraryValidation.kext" to re-enable it. Move the kext out of /Library/Extensions to prevent it from starting with your system.

What use case were you thinking about exactly for the live switch?
 
mlg said:
What use case were you thinking about exactly for the live switch?
Click to expand...
I'd imagine it would be a security feature, since disabling validation makes the system less secure, having a live switch would be helpful when you only want to load unsigned libraries while you are using the apps that require them
 
Erebus
GA-Z170X-Gaming 5 |  i7 6700K |  GeForce GTX 970
mlg said:
I have not tested that configuration, but can't think of a reason why it shouldn't work. If you don't experience issues that there's no need to change your setup. Note that your setup will cause the kext to load on installation disks and recovery mode too, which might not be what you want.
...
Click to expand...

Thank you for that I'll bear it in mind. The Terminal commands you outline might be a better way to "switch" the validation on or off.

I can understand the need for a script 'switch' for this, for safety. At least until Nvidia repairs their drivers.

:)
 
UtterDisbelief 2020
Z390 M GAMING |  i5 9600K |  Radeon Other
UtterDisbelief CL
Z370M-DS3H |  i3 8350K |  Radeon Other
UtterDisbelief KL
GA-Z270-Gaming K3 |  i3 7320 |  GeForce GTX 1050 OC
Thank you so much! It works perfectly for me. thnkkkkkkssssss
 
boywithaxe said:
I'd imagine it would be a security feature, since disabling validation makes the system less secure, having a live switch would be helpful when you only want to load unsigned libraries while you are using the apps that require them
Click to expand...

It is a hardening feature; I wouldn't worry too much about someone exploiting the absence of a hardening feature in combination with a vulnerable executable, that is insecure without it, unless you are some head of state. Disabling Library Validation does not instantly grant every process root access - there are quite a few hoops in between absence of Library Validation and privilege escalation. The main security feature of macOS (code identity) is kept in tact.

Personally, I prefer to have a working, slightly less secure desktop system than having to deal with the inconvenience of switching security stuff on and off just to be able to use some apps. (This gets especially tricky with long-running apps, such as Little Snitch's network monitor.)

A secure and convenient way to solve this is to have AMFI recognize the NVIDIA web drivers as platform binary. However, considering that we only need a temporary workaround until the next macOS release bundes Pascal drivers (or, better yet, fixes the problem), I wouldn't want to invest the time into programming such a complex and fragile construct around AMFI.
 
Last edited:
pit512 said:
mlg, can we disable IGPU in BIOS?
Click to expand...

Yes, EDIT: but you can also leave it enabled for features such as Intel Quick Sync Video. The OS will pick the right GPU for you either way.
 
Yes, this works for me. OS X 10.12.5 with a GTX970 using the NVIDIA web drivers. Great work!
 
mlg said:
Hi everyone. I wrote a kernel extension, which resolves the problem for those of us without the option to enable an internal GPU. It permits iBooks, Little Snitch and other software to do their rendering with the NVIDIA Web Driver.

https://github.com/mologie/macos-disable-library-validation

I'm not releasing a precompiled kext until I got a few confirmations that this works on more than just my machine. I kindly ask you to not distribute precompiled versions of the kext either - there'll be an official release once I get a few OKs. (EDIT: Link to precompiled version added to the end of this post.)

Please only follow these instructions if you're familiar with recovering Hackintosh systems. The kext loads on boot, and you may have to boot an installation disk or attach your disk to another Mac to remove it if things go haywire.

Quick start:
  1. Install Xcode
  2. Open Terminal
  3. Run the commands below
xcode-select --install
git clone https://github.com/mologie/macos-disable-library-validation.git
cd macos-disable-library-validation
./install.sh

You'll be prompted for your passcode for installing the kernel extension. All source code is available for review on GitHub.

EDIT: The precompiled version is available at https://github.com/mologie/macos-disable-library-validation/releases
Click to expand...


You are genius!
It is work! Now xcode and reveal app work fine, like macbook :D
 
Status
Not open for further replies.
Copyright © 2010 - 2024 tonymacx86 LLC
Back
Top