OpenCore and OpenCore Legacy Patcher Explained
You're most likely aware OpenCore and OpenCore Legacy Patcher. It's a boot loader, whatever that means... .which we will get to in-depth, and it lets you run macOS on old Macs that are no longer supported by Apple. This blog post and vide is a high-level overview so you can understand how OpenCore works and what Open Core Legacy Patcher is.
Let's step back in time to a few years ago. When users wanted to run macOS on unsupported Macs, they'd turn to modify the operating system, the most common being preconfigured scripts like DOSDude1. These weren't perfect, as you generally had to reapply them each time you updated the OS, no matter how small. Even a security update could render your mac unbootable until repatched. It was simple until it wasn't. Here's what happened:
Over time macOS has evolved to be more closed at the system level. This started when Apple started following the industry trend of signed code in 2009 with the introduction of Snow Leopard. Signed code allows the OS to verify the identity of the software developer and ensures that the application has not been tampered with or modified since it was signed. This evolved in many ways, but the most important is the modern usage of integrity protection which exists as System Integrity Protection, introduced in 10.11 El Capitan, SIP or System Integrity Protection which restricts the actions of the root user / privileged processes that can be performed on critical system files and folders. Translation: a rogue app will have a much tougher time hacking your OS as it doesn't have permission to do so.
Apple began requiring signed code for applications distributed outside the Mac App Store with the release of macOS 10.8 Mountain Lion in 2012, not with Snow Leopard in 2009. Snow Leopard (10.6) introduced support for signed code but did not mandate it.
System Integrity Protection (SIP) was indeed introduced in macOS 10.11 El Capitan, and it restricts the actions of the root user and privileged processes to protect critical system files and folders. This makes it harder for rogue apps or malware to compromise the system.
Also, integrity protection exists in the file system itself in APFS with metadata integrity protection, which uses cryptographic verification of metadata, which helps prevent tampering and protects against malware attempts to modify the system. The system also now exists as a separate partition within the APFS container that is read-only during normal operation. All of this makes macOS a lot less likely to be infected with OS-level malware.
Apple File System (APFS) includes metadata integrity protection, which uses cryptographic verification to help prevent tampering and protect against malware attempts to modify the system. APFS was introduced in macOS 10.13 High Sierra.
The system partition's read-only status during normal operation was introduced in macOS 10.15 Catalina, further enhancing security.
Apple, in even more recent releases, has deprecated Kexts, small modules of code that are designed to extend the functionality of the macOS kernel and other system components, such as device drivers or filesystems. Kexts or kernel extensions are very powerful. Thus, they are a potential vector for malware.
Of course, the focus on security has complicated modifying macOS by 3rd parties; however, some very smart programmers and hackers devised impressive solutions.
On the Hackintosh side, users who wanted to run macOS on PC hardware had created a thriving software scene. Clover became the preferred and essential method of installing macOS on unsupported hardware. Clover was a boot loader and could inject Kexts into macOS.
A bootloader is a piece of software that is responsible for loading the operating system kernel and initializing the hardware devices during the boot process. We'll dig into this more in a minute.
Clover was essential but had shortcomings regarding security, compatibility, configuration and generally required additional patching. Hackintosh users and owners of unsupported Macs faced a similar problem when macOS was on unsupported hardware. A system update could break the entire setup until certain hacks and patches were reapplied.
OpenCore was developed as a way to fix these issues for both unsupported Macs and Hackintoshes, relying on its ability to inject changes as part of the boot process rather than modify the OS itself. The advantage is that the OS would be left intact without requiring altering of most security settings or patching/hacking the OS.
OpenCore and Kexts
OpenCore uses a feature called Kext Injection. When OpenCore boots the macOS kernel, it scans the system for all available kexts and injects them into the kernel as needed. This allows users to add support for hardware devices that are not natively supported by macOS or to modify system behavior in various ways.
OpenCore also uses the concept of "Kext Patches" to modify the behavior of existing kexts or to patch the macOS kernel itself. This isn't unique to Clover, but OpenCore's methods are improved. Kext Patches are small code snippets that are applied to kexts or the kernel at boot time, which can be used to modify system behavior or to add support for additional hardware components.
When the computer boots, OpenCore acts as middleware for the UEFI or EFI on the computer, a standard for computer Bios that macOS uses. It loads its own firmware and presents the user with a boot loader GUI allowing the user to select the OS. If the user boots macOS, it performs pre-checks, prepares for booting macOS by prepping necessary modifications, then loads macOS Kernel into memory and modifies it with the kernel patches and modifications, and loads kexts for additional hardware support or system modifications. Once done, OpenCore hands over control to the OS, and booting proceeds.
To summarize, each time you boot macOS with OpenCore, it is modifying macOS on the fly, meaning you can update your Operating system without worrying about losing patches or lowering security settings.
The Case for OpenCore Legacy Patcher
OpenCore is fairly complicated to configure. Thus, users would often share their configs for various hardware setups. For example, A very popular configuration for classic Mac Pro users was Martin Lo's OpenCore configurations. This worked well for users whose hardware matched or resembled the hardware the preconfig was targeting, as it created a template for other users to follow and edit, assuming their hardware similar to the preconfig file.
While this worked, it required a fair amount of technical know-how, reading, and research, especially if your hardware is different in a significant way, such as a different GPU or Network interface. OpenCore Legacy Patcher aimed to make this a point-and-click experience.
OpenCore Legacy Patcher is a community-driven project based on OpenCore designed with old Macs specifically in mind. OpenCore Legacy Patcher is a graphic user interface that automates installing OpenCore on Macs that Apple no longer supports.
Unlike PCs that come with an exceptionally wide range of configurations, Apple's product line is exceptionally small. This makes it predictable for OpenCore Legacy Patcher developers to create configurations for the user based on the hardware it detects rather than the user modifying the OpenCore configurations themselves. Power users can still modify OpenCore manually after using OpenCore Legacy Patcher.
With a few short steps, a user can install OpenCore on an old Mac, allowing them to run recent versions of macOS on hardware that Apple has elected to no longer support. Apple does not make money on old hardware and thus habitually drops support even if the hardware is quite capable of providing a pleasant experience.
Apple's yearly OS updates also have slowly required more and more developer support for Apple's security features and also have depreciated older technologies at a fast clip. The end result is an older copy of macOS may not support the latest and greatest software, even as crucial as a web browser that works with modern web standards. In contrast, Windows has a much longer support window with its less frequent overhauls.
It makes one realize the value of a paid OS update model, as seems to be the case for Windows for longer support.
OpenCore is the backbone of providing support to older computers. OpenCore legacy patcher is a utility used to configure and install OpenCore in a very user-friendly way.
OpenCore is a boot loader designed specifically to work with Apple's current security paradigm and avoids modifying the OS stored on the boot volume. It instead applies the patches on the fly during the boot sequence.
Looking for info on how to install OpenCore?
I've made separate blog post, The 10 Step Guide to OpenCore Legacy Patcher (with pictures and video) or you can check the video below.