Skip to content

Glossary

iBoot

Apple's bootloader — BIOS + GRUB compressed into a single signed binary. Loads, verifies, and jumps into the macOS kernelcache.

iBoot is the bootloader for every Apple device — Macs, iPhones, iPads, Apple Watches, Apple TVs. On a PC, the equivalent role is filled by BIOS + GRUB; on an Apple device a single signed binary called iBoot does both jobs.

iBoot's responsibilities:

  • Initialize enough hardware to read the system flash (NAND controller, memory training).
  • Read the boot policy from nvram and the Preboot volume — which OS to boot, what security level, which kernelcache to use.
  • Load the kernelcache from disk.
  • Cryptographically verify the kernelcache's signature against Apple's chain of trust (rooted in the SoC's Boot ROM).
  • Construct the Device Tree describing what hardware is present.
  • Jump into the kernelcache's entry point.

iBoot is also responsible for the alternate boot modes: recoveryOS, DFU (Device Firmware Update), and on Apple Silicon One True recoveryOS (the always-available recovery partition).

iBoot itself is closed-source. The verification chain that iBoot enforces is well documented in Apple's Platform Security Guide.

See also: kernelcache, the boot sequence article.