Skip to content

Security: yuping0325/XiaoMi-Pro-Hackintosh

Security

SECURITY.md

Security Policy

Change PlatformInfo

XiaoMi NoteBook Pro EFI is for general hackintosh usage. However, it could be hazardous because multiple people would share the same serial numbers defined in config.plist. It's highly recommended to generate your own serial numbers to protect your device from potential privacy leaks.

  • At first, download GenSMBIOS and select option 1 to download MacSerial and next option 3. Then, defaultly, type MacBookPro15,4 5 (KBL) or MacBookPro16,2 5 (CML) to generate some new serials.

For Clover Users

  • Go to /EFI/CLOVER/ and open config.plist
  • In SMBIOS, add BoardSerialNumber with value Board Serial you got from GenSMBIOS, add SerialNumber with value Serial you got from GenSMBIOS, and add SmUUID with value SmUUID you got from GenSMBIOS
  • Restart and done

For OC Users

  • Go to /EFI/OC/ and open config.plist
  • In PlatformInfo - Generic, change MLB value to Board Serial you got from GenSMBIOS, change SystemSerialNumber value to Serial you got from GenSMBIOS, and change SystemUUID value to SmUUID you got from GenSMBIOS
  • Restart and done

UEFI Security (OC Only)

  • Please read Security and FileVault | OpenCore Post-Install and OpenCore Configuration UEFI Secure Boot section. It includes security instructions about Apple Secure Boot, secure DMG loading, apfs drivers, sign all the third-party drivers, enable BIOS Secure Boot function, and so on.
  • In this repository, we use ExposeSensitiveData = 3 to support Kext Updater.app. ExposeSensitiveData = 2 or 6 is more secure to protect booter path.

Reporting a Vulnerability

Feel free to report a security vulnerability in the Issue Page if you find any.

We will respond to security vulnerabilities as soon as possible. A gentle reminder that releases of this repository are in general collections of hackintosh kernel extensions and bootloaders. We may not be capable of fixing code-level security vulnerabilities unless the authors of responsible kernel extensions/bootloaders assist us in fixing them.

Reference

Thanks to dortania for providing Fixing iMessage and other services with OpenCore.

There aren’t any published security advisories