feat: Verify clock source (#207) (ad46446f) · Commits · git-mirror / Macos

Dockerfile

+1 −1

Original line number	Diff line number	Diff line
		@@ -10,7 +10,7 @@ RUN apk --update --no-cache add unzip && \
		rm -rf /tmp/* /var/tmp/* /var/cache/apk/*

		FROM scratch AS runner
		COPY --from=qemux/qemu:6.22 / /
		COPY --from=qemux/qemu:7.00 / /

		ARG VERSION_ARG="0.0"
		ARG VERSION_KVM_OPENCORE="v21"

readme.md

+4 −0

Original line number	Diff line number	Diff line
		@@ -236,6 +236,10 @@ kubectl apply -f https://raw.githubusercontent.com/dockur/macos/refs/heads/maste

		You can use [dockur/windows](https://github.com/dockur/windows) for that. It shares many of the same features, and even has completely automatic installation.

		### How do I run a Linux desktop in a container?

		You can use [qemus/qemu](https://github.com/qemus/qemu) in that case.

		### Is this project legal?

		Yes, this project contains only open-source code and does not distribute any copyrighted material. Neither does it try to circumvent any copyright protection measures. So under all applicable laws, this project will be considered legal.

src/boot.sh

+27 −22

Original line number	Diff line number	Diff line
		@@ -3,10 +3,10 @@ set -Eeuo pipefail

		# Docker environment variables
		: "${BOOT_MODE:="macos"}" # Boot mode
		: "${SECURE:="off"}" # Secure boot

		BOOT_DESC=""
		BOOT_OPTS=""
		SECURE="off"
		OVMF="/usr/share/OVMF"

		case "${HEIGHT,,}" in
		@@ -139,14 +139,12 @@ if [ ! -f "$IMG" ]; then

		rm -rf "$OUT"

		if [[ "$DEBUG" == [Yy1]* ]]; then
		info ""
		info "Model: $MODEL"
		info "Rom: $ROM"
		info "Serial: $SN"
		info "Board: $MLB"
		info ""
		fi

		fi

		@@ -169,20 +167,27 @@ else
		CPU_FLAGS="$DEFAULT_FLAGS,$CPU_FLAGS"
		fi

		CLOCKSOURCE="tsc"
		[[ "${ARCH,,}" == "arm64" ]] && CLOCKSOURCE="arch_sys_counter"
		CLOCK="/sys/devices/system/clocksource/clocksource0/current_clocksource"
		[ -f "$CLOCK" ] && CLOCK=$(<"$CLOCK")

		if [[ "${CLOCK,,}" == "kvm-clock" ]]; then
		if [ ! -f "$CLOCK" ]; then
		warn "file \"$CLOCK\" cannot not found?"
		else
		result=$(<"$CLOCK")
		case "${result,,}" in
		"${CLOCKSOURCE,,}" ) ;;
		"kvm-clock" )
		if [[ "$CPU_VENDOR" != "GenuineIntel" ]] && [[ "${CPU_CORES,,}" == "2" ]]; then
		warn "Restricted processor to a single core because nested virtualization was detected!"
		warn "Restricted processor to a single core because nested KVM virtualization was detected!"
		CPU_CORES="1"
		else
		warn "Nested virtualization was detected, this might cause issues running macOS!"
		fi
		fi

		if [[ "${CLOCK,,}" == "hpet" ]]; then
		warn "Your clocksource is HPET instead of TSC, this will cause issues running macOS!"
		warn "Nested KVM virtualization detected, this might cause issues running macOS!"
		fi ;;
		"hyperv_clocksource_tsc_page" ) info "Nested Hyper-V virtualization detected, this might cause issues running macOS!" ;;
		"hpet" ) warn "unsupported clock source detected: '$result'. Please set host clock source to '$CLOCKSOURCE', otherwise it will cause issues running macOS!" ;;
		*) warn "unexpected clock source detected: '$result'. Please set host clock source to '$CLOCKSOURCE', otherwise it will cause issues running macOS!" ;;
		esac
		fi

		case "$CPU_CORES" in