blob: b1ce780b4097f843d8134429126224aadf6eba3f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<!-- <key>com.apple.security.cs.allow-jit</key> <true/> -->
<!--
The following two entitlements are required for using AppleHV on Catalina.
The first entitlement allows us to have unsigned executable memory in the guests
address space like the BIOS code (and essentially all the guests address space which
is mapped as RWX).
The second entitlement is required in order to map guest memory as RWX into the
guests address space.
These entitlements are not required starting with BigSur+ where Apple has clearly
changed something in their entitlement scheme without properly documenting it.
-->
<key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/>
<key>com.apple.security.cs.disable-executable-page-protection</key> <true/>
<!-- For audio input -->
<key>com.apple.security.device.audio-input</key> <true/>
<!-- For emulated webcam -->
<key>com.apple.security.device.camera</key> <true/>
<!-- For HID input monitoring -->
<key>com.apple.security.device.usb</key> <true/>
<!-- For vmnet based bridging and host-only networking -->
<key>com.apple.vm.networking</key> <true/>
<!-- For USB capturing -->
<key>com.apple.vm.device-access</key> <true/>
<!--
The following are required for using AppleHV (need the second one for running Catalina)
but are actually stored in the provisioning profile because these are special entitlements.
-->
<!--<key>com.apple.security.hypervisor</key> <true/>-->
<!--<key>com.apple.vm.hypervisor</key> <true/>-->
</dict>
</plist>
|