Misplaced Pages

Apple T2

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

The Apple T2 (Apple's internal name is T8012) security chip is a system on a chip "SoC" tasked with providing security and controller features to Apple's Intel based Macintosh computers. It is a 64-bit ARMv8 chip and runs bridgeOS . T2 has its own RAM and is essentially a computer of its own, running in parallel to and responding to requests by the main computer that the user interacts with.

#803196

19-595: The main application processor in T2 is a variant of the Apple A10 , which is a 64-bit ARMv8.1-A based CPU. It is manufactured by TSMC on their 16 nm process, just as the A10. Analysis of the die reveals a nearly identical CPU macro as the A10 which reveals a four core design for its main application processor, with two large high performance cores, "Hurricane", and two smaller efficiency cores, "Zephyr". Analysis also reveals

38-659: A 4 MB L3 cache that services the entire SoC. The new 6-core @ 900 MHz GPU built into the A10 chip is 50% faster while consuming 66% of the power of its A9 predecessor. Further analysis has suggested that Apple has kept the GT7600 used in Apple A9, but replaced portions of the PowerVR based GPU with its own proprietary designs. These changes appear to be using lower half-precision floating-point numbers, allowing for higher-performance and lower power consumption. Embedded in

57-589: A chip (SoC) designed by Apple Inc. , part of the Apple silicon series, and manufactured by TSMC . It first appeared in the iPhone 7 and 7 Plus which were introduced on September 7, 2016, and is used in the sixth generation iPad , seventh generation iPad , and seventh generation iPod Touch . The A10 is the first Apple-designed quad-core SoC, with two high-performance cores and two energy-efficient cores. Apple states that it has 40% greater CPU performance and 50% greater graphics performance compared to its predecessor,

76-604: A configuration similar to the ARM big.LITTLE technology. Unlike most implementations of big.LITTLE, such as the Snapdragon 820 or Exynos 8890, only one core type can be active at a time, either the high-performance or low-power cores, but not both. Thus, the A10 Fusion appears to software and benchmarks as a dual core chip. Apple claims that the high-performance cores are 40% faster than Apple's previous A9 processor and that

95-426: A similar method as the jailbreaking of the iPhone with A10 chip, since the T2 chip is based on the A10 chip. Apple was notified of this vulnerability but did not respond before security researchers publicly disclosed the vulnerability. It was later demonstrated that this vulnerability can allow users to implement custom Mac startup sounds . Apple A10 The Apple A10 Fusion is a 64-bit ARM-based system on

114-558: Is built as a package on a package (PoP) together with its own LP-DDR4 RAM . Mac configurations with 1 TB of SSD storage or greater receive 2 GB LP-DDR4, while lower storage configurations receive 1 GB. The T2 communicates with the host via a USB-attached Ethernet port. There are numerous features regarding security, including: The T2 is integral in the boot sequence and upgrading of operating systems , not allowing unsigned components to interfere. There are other facilities present not directly associated with security. The Apple T2

133-478: Is designed to stay active even if the main computer is in a halted low power mode. The main application processor in T2 is running an operating system called bridgeOS . The secondary processor in T2 is an 32-bit ARMv7-A based CPU called Secure Enclave Processor (SEP) which has the task of generating and storing encryption keys. It is running an operating system called "sepOS" based on the L4 microkernel . The T2 module

152-482: The Apple A9 . The Apple T2 chip is based on the A10. On May 10, 2022, the iPod Touch 7th generation was discontinued, ending production of A10 Fusion chips. The latest software updates for the iPhone 7 & 7 Plus including the iPod Touch 7th generation variants systems using this chip are iOS 15.8.3 , released on July 29, 2024, as they were discontinued with the release of iOS 16 in 2022, while updates for

171-474: The checkm8 bug as it was roughly based on the A10 design from 2016 in the original iMac Pro. Rick Mark then ported libimobiledevice to work with the Apple T2 providing a free and open source solution to restoring the T2 outside of Apple Configurator and enabling further work on the T2. On March 6, 2020, a team of engineers dubbed T2 Development Team exploited the existing checkm8 bug in the T2 and released

190-454: The A10 is the M10 motion coprocessor . The A10 also includes a new image processor which Apple says has twice the throughput of the prior image processor. The A10 has video codec encoding support for HEVC and H.264 . It has decoding support for HEVC, H.264, MPEG‑4 Part 2 , and Motion JPEG . The A10 is packaged in a new InFO packaging from TSMC which reduces the height of the package. In

209-601: The T2 without any interaction from a custom charging device. Later in the year the release of the blackbird SEP vulnerability further compounded the impact of the defect by allowing arbitrary code execution in the T2 Secure Enclave Processor. This had the impact of potentially affecting encrypted credentials such as the FileVault keys as well as other secure Apple Keychain items. Developer Rick Mark then determined that macOS could be installed over

SECTION 10

#1732780614804

228-437: The hash of a dump of the secure ROM as a proof of entry. The checkra1n team quickly integrated the patches required to support jailbreaking the T2. The T2 Development Team then used Apple's undocumented vendor-defined messages over USB power delivery to be able to put a T2 device into Device Firmware Upgrade mode without user interaction. This compounded the issue making it possible for any malicious device to jailbreak

247-695: The iPad 7th generation variant systems using this chip are still supported. The A10 (internally, T8010) is built on TSMC's 16 nm FinFET process and contains 3.28 billion transistors (including the GPU and caches) on a die size of 125 mm . It features two Apple-designed 64-bit 2.34 GHz ARMv8-A cores called Hurricane , each with a die size of 4.18 mm . As the first Apple-produced quad-core SoC, it has two high-performance cores designed for demanding tasks like gaming, while also featuring two energy-efficient Apple-designed 64-bit 1.05 GHz cores codenamed Zephyr at 0.78 mm for normal tasks in

266-433: The same amount of RAM controllers, but a much reduced GPU facility; three blocks, only a quarter the size compared to A10. The die measures 9.6 mm Ã— 10.8 mm, a die size of 104 mm, which amounts to about 80% of the size of the A10. As it serves as a co-processor to its Intel based host, it also consists of several facilities handling a variety of functions not present in the host system's main platform. It

285-615: The same iDevice recovery protocols, which later ended up true of the M1 series of Apple Macs. On September 10, 2020, a public release of checkra1n was published that allowed users to jailbreak the T2. The T2 Development Team created patches to remove signature validation from files on the T2 such as the MacEFI as well as the boot sound. Members of the T2 Development Team begin answering questions in industry Slack instances. A member of

304-462: The security community from IronPeak used this data to compile an impact analysis of the defect, which was later corrected to correctly attribute the original researchers The original researchers made multiple corrections to the press that covered the IronPeak blog. In October 2020, a hardware flaw in the chip's security features was found that might be exploited in a way that cannot be patched, using

323-461: The two high-efficiency cores consume 20% of the power of the high performance Hurricane cores; they are used when performing simple tasks, such as checking email. A new performance controller decides in real-time which pair of cores should run for a given task in order to optimize for performance or battery life. The A10 has an L1 cache of 64  KB for data and 64 KB for instructions, an L2 cache of 3  MB shared by both cores, and

342-551: Was announced, including the T2 chip. The functionality of the T2 chip is incorporated in Apple's M-series CPUs, thus eliminating the need for a separate chip in Apple silicon -powered computers. The T2 chip was discontinued with the completion of the Mac transition to Apple silicon in June 2023. In October 2019 security researchers began to theorize that the T2 might also be affected by

361-401: Was first released in the iMac Pro in late 2017. On July 12, 2018, Apple released an updated MacBook Pro that includes the T2 chip, which among other things enables the "Hey Siri" feature . On November 7, 2018, Apple released the updated Mac mini and MacBook Air models with the T2 chip. MacBook Air's Touch ID sensor is powered by the chip. On August 4, 2020, a refresh of the 5K iMac

#803196