You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With macOS Sonoma, Apple has dropped support for the T1 chip used by the Touchbar-based 2016 and 2017 MacBook Pros. Specifically communication to the T1 for cryptographic functions including key storage and ApplePay support.
Main features unsupported in Sonoma with the T1 chip:
Touch ID
ApplePay
Built-in Password Manager in Safari and System Settings
Use Keychain as alternative
Affected Models
Model
Name
MacBookPro13,2
MacBook Pro (13-inch, 2016, Four Thunderbolt 3 Ports)
MacBookPro13,3
MacBook Pro (15-inch, 2016)
MacBookPro14,2
MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports)
MacBookPro14,3
MacBook Pro (15-inch, 2017)
Technical Breakdown
The T1 security chip is an Apple Watch Series 2 SoC, connected to the MacBook Pro over USB 2.0 internally. Communication to the chip is handled by KernelRelayHost.kext, which connects onto the USB device in IOService and is accessible through the KernelRelayHost class.
In Sonoma, the following kexts dropped communication support through the KernelRelayHost class:
AppleCredentialManager.kext
AppleKeyStore.kext
AppleSSE.kext
When these kexts are downgraded and AppleKeyStore removed outright, we see that partial communication is restored (namely built-in Password Manager support) however other features such as Apple ID login break. This is due to AppleKeyStore not publishing an entry in IOService, thus breaking communication in multiple parts of the OS.
For System Profiler's ApplePay tab, macOS determines support through the following chain:
SecureElementHelper.xpc loads NearField.framework and starts a new instance:
[NFHardwareManager sharedHardwareManager]
NearField.framework then loads /usr/lib/libnfshared.dylib (_sharedHardwareManagerWaitOnHWInit)
libnfshared.dylib loads the nfcd XPC service (/usr/libexec/nfcd)
nfcd then loads /usr/lib/libPN548_API.dylib to probe for hardware
Additionally loads AppleSSE.kext for hardware communication
Unfortunately at this point, we're still unable to restore ApplePay support. Currently no timeline can be provided to when these issues will be resolved.
The text was updated successfully, but these errors were encountered:
With macOS Sonoma, Apple has dropped support for the T1 chip used by the Touchbar-based 2016 and 2017 MacBook Pros. Specifically communication to the T1 for cryptographic functions including key storage and ApplePay support.
Main features unsupported in Sonoma with the T1 chip:
Affected Models
Technical Breakdown
The T1 security chip is an Apple Watch Series 2 SoC, connected to the MacBook Pro over USB 2.0 internally. Communication to the chip is handled by KernelRelayHost.kext, which connects onto the USB device in IOService and is accessible through the KernelRelayHost class.
In Sonoma, the following kexts dropped communication support through the KernelRelayHost class:
When these kexts are downgraded and AppleKeyStore removed outright, we see that partial communication is restored (namely built-in Password Manager support) however other features such as Apple ID login break. This is due to AppleKeyStore not publishing an entry in IOService, thus breaking communication in multiple parts of the OS.
For System Profiler's ApplePay tab, macOS determines support through the following chain:
/System/Applications/System Profiler.appinvokes SecureElementHelper.xpc/System/Library/SystemProfiler/SPSecureElementReporter.spreporter/Contents/XPCServices/SecureElementHelper.xpc[NFHardwareManager sharedHardwareManager]_sharedHardwareManagerWaitOnHWInit)/usr/libexec/nfcd)/usr/lib/libPN548_API.dylibto probe for hardwareUnfortunately at this point, we're still unable to restore ApplePay support. Currently no timeline can be provided to when these issues will be resolved.
The text was updated successfully, but these errors were encountered: