drdonk / esxi-unlocker Goto Github PK

VMware macOS utilities

License: MIT License

Python 72.03% Shell 27.97%

esxi-unlocker's Introduction

macOS Unlocker V4 for VMware ESXi

IMPORTANT: Security Update

VMware have announced and fixed a vulnerability in VMware Tools across macOS, Linux and Windows guests. Please ensure that you update the guest tools which can be found here https://vmware.com/go/tools.

Unlocker 2007-2023

This project is now archived.

The unlocker should continue to run as there have been few changes to the VMware code in many years. I have stopped developemnt as I no longer use VMware but would be happy to refer to a fork if someone sends me an email with the relevant details.

There is also Auto Unlocker which is still active.

1. Introduction

Unlocker 4 is designed for VMware ESXi 7.

The Unlocker enables certain flags and data tables that are required to see the macOS type when setting the guest OS type, and modify the implmentation of the virtual SMC controller device. These capabiltiites are normally exposed in Fusion and ESXi when running on Apple hardware.

The patch code carries out the following modifications dependent on the product being patched:

Patch vmx and derivatives to allow macOS to boot
Patch libvmkctl.so to allow vCenter to boot macOS guests

It is important to understand that the Unlocker cannot add any new capabilities to VMware ESXi but enables support for macOS that is disabled in the VMware products when run on non-Apple hardware.

The Unlocker cannot:

add support for new versions of macOS
add paravirtualized Apple GPU support
add AMD CPU support

or any other features that are not already in the VMware compiled code.

2. Installing the patcher

The ESXi unlocker will need to be run each time the ESXi Server is upgraded.

It is also best to switch ESXi to Maintanence mode and make sure you do not have any VMs running.

The code is written in Python and has no pre-requisites and should run directly from the release zip download.

Download a binary release from https://github.com/DrDonk/esxi-unlocker/releases
Unload the archive to a folder on the ESXi server datastore and extract the files
Navigate to the folder with the extracted files

You will then need to run one of the following commands to patch or unpatch the ESXi software.

unlock - apply patches to VMware ESXi
relock - remove patches from VMware ESXi
check - check the patch status of your VMware installation

4. Thanks

Thanks to Zenith432 for originally building the C++ Unlocker and Mac Son of Knife (MSoK) for all the testing and support.

Thanks also to Sam B for finding the solution for ESXi 6 and helping me with debugging expertise. Sam also wrote the code for patching ESXi ELF files and modified the Unlocker code to run on Python 3 in the ESXi 6.5 environment.

Thanks to lucaskamp for testing the new version 4 of ESXi Unlocker.

esxi-unlocker's People

Contributors

Stargazers

Watchers

esxi-unlocker's Issues

Possibly incorrect permissions on files in ./tmp

ESXi 8.0 with unlocker 4.0.3 on Xeon E2378G

I first unzipped 4.0.3 into /tmp and ran the unlock. It didn't quite work but, sorry, I can't say exactly what else I did or saw. I eventually ran relock then unzipped to and tried again (after seeing that it should be unzipped in a datastore).

Now I have a problem that it fails to unlock. The unlock fails with the following messages:

Filename: ./tmp/bin/vmx
Traceback (most recent call last):
  File "./patchsmc", line 460, in <module>
    main()
  File "./patchsmc", line 445, in main
    f(filename)
  File "./patchsmc", line 213, in patchsmc
    with open(name, 'rb+') as vmx:
PermissionError: [Errno 13] Permission denied: './tmp/bin/vmx'

for vmx, vmx-debug, vmx-stats and libvmkctl.so

The "ls -l" of the three files in /bin are

-r-sr-xr-x    1 root     root      27337544 Sep 23 17:39 /bin/vmx
-r-sr-xr-x    1 root     root      36574952 Sep 23 17:39 /bin/vmx-debug
-r-sr-xr-x    1 root     root      32163592 Sep 23 17:41 /bin/vmx-stats

and the one in /lib64 is

-r-xr-xr-x    1 root     root      11066080 Sep 23 17:43 /lib64/libvmkctl.so

These files are copied to ./tmp and have the same permissions there (I ran an aborted ./unlock to check)
so unless I'm missing something, the file open fails because the permissions are wrong.

What should the permissions, group and owner be in the /bin and /lib64 folders? If they are wrong, I can chmod/chown them and try to lock again. If they are right, how is it working for everyone else?

Please help me out.

Some of VMs can't boot after unlock

Host
CPU : i5-10600
RAM : 32G*4 (128G)
Disk : Intel P3600 2T (Dell OEM) + SATA SSD (for ESXI)
Version : ESXi-7.0U3g-20328353-standard
Unlocker Version : 4.0.3

All work well before patch but some of VMs can't boot after patch

relock and reboot all work well

sorry i was forgot error message (look like 'turn on VM on dissconnected VMFS')

Request add support for ESXi 8.0

In 8.0, macOS 13.0 is not bootable, please add support for ESXi 8.0.

7.0U2?

Hello,

Any chance this works on esxi 7.0u2?

Regards.

Support for vcenter

Any chance to Support esxi hosts connected to vcenter?
I tried the unlocker and the VM starts fine on the esx host itself but if I start the same VM over vCenter I get an error.

Thx a lot for your work!

DrDonk, after installation, some errors cause esxi fail to start

running the "check" and reset the system

ESXi 7.0 U3d version

Path does not exist.

Install error on ESXi 7.0.3 build 20328353

Hi!

Have you come across a check error even though the version is the expected one?

Also,I am seeing an install error during unlock in the VMKCTL module.

Version screen is below

Thank you kindly,
Scott.

esxi support ESXi-8.0.0-20513097

Hi, I added some detail to #10 but the issue was already closed.
Please can the functionality of unlocker be checked with esxi8 as I'm getting some errors as described in #10

PatchVMKCTL 4.0.3
=================
(c) 2014-2022 David Parsons

Filename: ./tmp/lib64/libvmkctl.so
Traceback (most recent call last):
 File "./patchvmkctl", line 96, in <module>
   main()
 File "./patchvmkctl", line 81, in main
   f(filename)
 File "./patchvmkctl", line 41, in patchvmkctl
   f.seek(applesmc)
OSError: [Errno 22] Invalid argument

here is what the check returns;

[root@localhost:/vmfs/volumes/5d72331d-3715a90a-1f62-40b076d8cbfa/media/esxi-unlocker-4.0.3] ./check
VMware ESXi Unlocker 4.0.3
==========================
(c) 2011-2022 David Parsons

Checking unlocker...
Current version of ESXi: VMware ESXi 8.0.0 build-20513097
Patch built for ESXi: VMware ESXi 8.0.0 build-20513097
Checking VMTAR loaded...
apple.v00 loaded
Checking vmx vSMC status...
/bin/vmx
/bin/vmx-debug
/bin/vmx-stats
vmx patched
Checking smcPresent status...
smcPresent = true

just as part of my testing. I took the approach of build a Ventura VM in VMware workstation using a vmdk and was able to boot this fine after installing the PC version of unlocker. I think ran the conversion on the disk to type 4, and then rechecked the VM was booting correctly on workstation. All was fine at this stage. (this is on an Intel machine)
I took a binary copy of the VM folder tree and uploaded it via scp to the esxi host and then registered it, after adding in the CPU mask for ESXi.
It then gets stuck in the same boot look as a fresh ISO as described above.
So my conclusion is that the PC version is patching VMware workstation in such a way where Ventua will boot, but the esxi unlocker is not patching the esxi host correctly (atleast in the case of esxi8 that I have access to).

looking at the esxi logs during the reboot cycle it appears this is what triggers it;

022-11-05T04:43:25.209Z Wa(03) vcpu-3 - DarwinPanic: panic(cpu 3 caller 0xffffff8010e45885):  initproc failed to start -- exit reason namespace 6 subcode 0x1 description: Library not loaded: /usr/lib/libSystem.B.dylib
2022-11-05T04:43:25.211Z In(05) vcpu-3 - Chipset: The guest has requested that the virtual machine be hard reset.

but this seems to be the same issue that others are struggling with on esxi right now....

thanks!

MacOs Monterey for Esxi 6.7 work?

Image Profile: ESXi-6.7.0-20221004001-standard
Current version of ESXi: VMware ESXi 6.7.0 build-20497097
Server: Ibm System x3650 M4 791532G

Hi, I don't know if you can help me. Unfortunately I can't update beyond version 6.7 due to a hardware problem. I would like to know if I have the possibility to use this "Unlocker" to install MacOs on my Esxi. I'd prefer to have Monterey, as the version to install, but it's not essential... Mojave or Sierra is also fine, but I can't figure out if this unlocker is also fine for version 6.x or only for version 7.x. I have the latest version of 6.7 installed... could it be some patch that won't let me get quest unlocker to work?
I summarize my questions for you, hoping you can help me

Does this unlocker also work for version 6.7? Can you tell me up to which version?
Up to which MacOs version can I install with Esxi 6.7 version?

I tried to use this unlocker, but I get these errors:

VMware ESXi Unlocker 4.0.5
==========================
(c) 2011-2023 David Parsons

Installing unlocker...
sh: Available: bad number
   File "./patchsmc", line 76
     print(f'File Offset : 0x{offset:08x}')
                                          ^
SyntaxError: invalid syntax
   File "./patchsmc", line 76
     print(f'File Offset : 0x{offset:08x}')
                                          ^
SyntaxError: invalid syntax
   File "./patchsmc", line 76
     print(f'File Offset : 0x{offset:08x}')
                                          ^
SyntaxError: invalid syntax
   File "./patchvmkctl", line 30
     print(f'Patch Status: {flag}')
                                 ^
SyntaxError: invalid syntax
Building apple.v00 VMTAR file...
pigz: write error code 28
pigz: abort: write error on apple.vtar.v00
mv: can't rename 'apple.vtar.v00': No such file or directory
Cleaning up tmp files...
Adding to bootbank...
File apple.v00 does not exist
Reboot the ESXi server to install unlocker (y/N)? y
Rebooting the ESXi Server

How can I fix?
Thanks for the work you do :)

Any tutorials on how to use this updated unlocker?

vmx not patched

Server ： BESSTAR TECH LIMITED X500 8 CPUs x AMD Ryzen 7 5700G with Radeon Graphics

./check

VMware ESXi Unlocker 4.0.5
==========================
(c) 2011-2023 David Parsons

Checking unlocker...
Current version of ESXi: VMware ESXi 6.7.0 build-20497097
Patch built for ESXi: VMware ESXi 6.7.0 build-20497097
Checking VMTAR loaded...
apple.v00 loaded
Checking vmx vSMC status...
vmx not patched
Checking smcPresent status...
smcPresent = false

./unlock -v

VMware ESXi Unlocker 4.0.5
==========================
(c) 2011-2023 David Parsons

Installing unlocker...
Verbose mode+ REQUIRED=400
+ df -m .
+ tail -1
+ awk '{print $4}'
+ FREE=31484
+ '[' 31484 -lt 400 ]
+ '[' -f /bootbank/unlocker.tgz ]
+ readlink -f ./unlock
+ SCRIPT=/vmfs/volumes/6383dae9-8f6b6018-752e-844709131eca/ESXi_Tools/esxi-unlocker-4.0.5/unlock
+ dirname /vmfs/volumes/6383dae9-8f6b6018-752e-844709131eca/ESXi_Tools/esxi-unlocker-4.0.5/unlock
+ SCRIPTPATH=/vmfs/volumes/6383dae9-8f6b6018-752e-844709131eca/ESXi_Tools/esxi-unlocker-4.0.5
+ cd /vmfs/volumes/6383dae9-8f6b6018-752e-844709131eca/ESXi_Tools/esxi-unlocker-4.0.5
+ rm -rf ./tmp
+ rm -f -f apple.v00
+ mkdir -p ./tmp/bin
+ cp -v /bin/vmx ./tmp/bin
'/bin/vmx' -> './tmp/bin/vmx'
+ cp -v /bin/vmx-debug ./tmp/bin
'/bin/vmx-debug' -> './tmp/bin/vmx-debug'
+ cp -v /bin/vmx-stats ./tmp/bin
'/bin/vmx-stats' -> './tmp/bin/vmx-stats'
+ mkdir -p ./tmp/lib64
+ cp -v /lib64/libvmkctl.so ./tmp/lib64
'/lib64/libvmkctl.so' -> './tmp/lib64/libvmkctl.so'
+ chmod 4755 ./tmp/bin/vmx ./tmp/bin/vmx-debug ./tmp/bin/vmx-stats
+ chmod 755 ./tmp/lib64/libvmkctl.so
+ mkdir -p ./tmp/etc
+ vmware -v
+ python ./patchsmc patch ./tmp/bin/vmx
  File "./patchsmc", line 76
    print(f'File Offset  : 0x{offset:08x}')
                                         ^
SyntaxError: invalid syntax
+ python ./patchsmc patch ./tmp/bin/vmx-debug
  File "./patchsmc", line 76
    print(f'File Offset  : 0x{offset:08x}')
                                         ^
SyntaxError: invalid syntax
+ python ./patchsmc patch ./tmp/bin/vmx-stats
  File "./patchsmc", line 76
    print(f'File Offset  : 0x{offset:08x}')
                                         ^
SyntaxError: invalid syntax
+ python ./patchvmkctl patch ./tmp/lib64/libvmkctl.so
  File "./patchvmkctl", line 30
    print(f'Patch Status: {flag}')
                                ^
SyntaxError: invalid syntax
+ chmod 4555 ./tmp/bin/vmx ./tmp/bin/vmx-debug ./tmp/bin/vmx-stats
+ chmod 555 ./tmp/lib64/libvmkctl.so
+ printf 'Building apple.v00 VMTAR file...\n'
Building apple.v00 VMTAR file...
+ cd ./tmp
+ tar c -v -f ../apple.tar bin etc lib64
bin/
bin/vmx
bin/vmx-debug
bin/vmx-stats
etc/
etc/unlock.conf
lib64/
lib64/libvmkctl.so
+ cd ..
+ vmtar -c apple.tar -v -o apple.vtar
addr: 0, sz: 18609068, flags: 5
addr: 0x11c1e70, sz: 4322520, flags: 6
bin/vmx: textPgs: 4543, fixUpPgs: 0
addr: 0, sz: 22861148, flags: 5
addr: 0x15cf198, sz: 4400656, flags: 6
bin/vmx-debug: textPgs: 5581, fixUpPgs: 0
addr: 0, sz: 19370068, flags: 5
addr: 0x127bfe0, sz: 17519176, flags: 6
bin/vmx-stats: textPgs: 4729, fixUpPgs: 0
addr: 0, sz: 6963122, flags: 5
addr: 0x8a4aa0, sz: 914584, flags: 6
lib64/libvmkctl.so: textPgs: 1699, fixUpPgs: 0
+ pigz -v -f -9 -n -T -k -S .v00 apple.vtar
apple.vtar to apple.vtar.v00 
+ mv -v -f apple.vtar.v00 apple.v00
'apple.vtar.v00' -> 'apple.v00'
+ printf 'Cleaning up tmp files...\n'
Cleaning up tmp files...
+ rm -v -rf ./tmp
removed directory: './tmp/bin'
removed directory: './tmp/lib64'
removed directory: './tmp/etc'
removed directory: './tmp'
+ rm -v -f apple.tar
+ rm -v -f apple.vtar
+ printf 'Adding to bootbank...\n'
Adding to bootbank...
+ BootModuleConfig.sh --verbose '--add=apple.v00'
Acquiring lock /tmp/bootbank.lck
Copying apple.v00 to /bootbank/apple.v00
Editing /bootbank/boot.cfg to add module apple.v00
+ read -r -p 'Reboot the ESXi server to install unlocker (y/N)? ' response
Reboot the ESXi server to install unlocker (y/N)? + printf 'The SMC patches will not be loaded until the ESXi server has been rebooted\n'
The SMC patches will not be loaded until the ESXi server has been rebooted
+ exit 0

Will this work for ESXi 6.0 ?

Hi,

Will this version still work on ESXI 6.0?

Thanks in advance for your reply!

Ivo

Opencore for ESXi 7 legacy CPUs - macOS Ventura 13.1 working solution

ESImage profile: ESXi-7.0U3f-20036589-standard (VMware, Inc.)

Manufacturer
HP
Model
ProLiant DL380 G7
CPU
Logical processors
24
Processor type
Intel(R) Xeon(R) CPU X5670 @ 2.93GHz (Westmere no AVX nevermind AVX2!)
Sockets
2
Cores per socket
6
Hyperthreading
Yes, enabled
Memory
103.99 GB

NB: USB controller 1 must be of type USB3.1 (USB 1.1 is deprecated under macOS Ventura)

Procedure is quite simple:

Attached a working VMWare workstation - IPSW OS.dmg used - Ventura macOS 13.1-22C65 VM (vmdk) to an existing Monterey ESXi VM (spoofed to iMac17,1 for compatibility with OpenCore Legacy Patcher)
https://github.com/dortania/OpenCore-Legacy-Patcher/archive/refs/heads/main.zip
Satisfy build requirements: eg: pip3 install requests ...
Execute: OpenCore-Patcher.command
Create EFI
Copy created EFI to EFI partition
Made sure that it was possible to boot Monterey from opencore.efi; then with addition of NoAVXFSCompressionTypeZlib-AVXpel.kext and CryptexFixup.kext was able to boot macOS Ventura.
iMac18,3 profile used in VMX: basic requirement for macOS Ventura

https://github.com/macchrome/compilers/releases/download/Opencore-esxi-legacy-cpu-0.01/Opencore-esxi-legacy-cpu-rev2.7z

Problem with booting ESXi host

I have problem with booting ESXi host.

PatchVMKCTL 4.0.3
=================
(c) 2014-2022 David Parsons

Filename: ./tmp/lib64/libvmkctl.so
Traceback (most recent call last):
  File "./patchvmkctl", line 96, in <module>
    main()
  File "./patchvmkctl", line 81, in main
    f(filename)
  File "./patchvmkctl", line 41, in patchvmkctl
    f.seek(applesmc)
OSError: [Errno 22] Invalid argument
Building apple.v00 VMTAR file...
Cleaning up tmp files...
Adding to bootbank...
Acquiring lock /tmp/bootbank.lck
Copying apple.v00 to /bootbank/apple.v00
Editing /bootbank/boot.cfg to add module apple.v00
Reboot the ESXi server to install unlocker (y/N)?

After reboot there is error:
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x000000179723afb0] _serverNamespace = / action = Allow _port = 8309)

If i use command check, have same problem as above, or this:

 ./check
VMware ESXi Unlocker 4.0.3
==========================
(c) 2011-2022 David Parsons

Checking unlocker...
Current version of ESXi: VMware ESXi 7.0.3 build-20328353
Patch built for ESXi: VMware ESXi 7.0.3 build-20328353
Checking VMTAR loaded...
apple.v00 not loaded
Checking vmx vSMC status...
/bin/vmx
/bin/vmx-debug
/bin/vmx-stats
vmx patched
Checking smcPresent status...
Failed to login: Connection refused: The remote service is not running, OR is overloaded, OR a firewall is rejecting connections.

No .tgz file

While I'm trying to install using esxi-install.sh, esxi says: File unlocker.tgz does not exist.
I also can't find it here in repository (like esxi-unlocker-xxx.tgz also).

When I'm trying to run esxi-build.py, system says:
esxi-build.py: line 24: : File name too long
esxi-build.py: line 26: import: not found
esxi-build.py: line 27: import: not found
esxi-build.py: line 28: import: not found
esxi-build.py: line 31: syntax error: unexpected "("

I'm doing everything on ESXi host version 6.5. I've also tried to run esxi-build.py on OS X Catalina, but the result was the same.

May be I'm doing something wrong?

Fix for VMWare Esxi 7U3g

Hello @DrDonk,
is it possible to fix the unlocker for the last Version of ESXi or for U3 mainly? On Workstation it works, but on Esxi it boots, but get stuck on the half.

greetings