iBoot loads the macOS-paired firmware, the static trust cache, the device tree, and the Boot Kernel Collection.
If the LocalPolicy allows it, iBoot loads the Auxiliary Kernel Collection (AuxKC) of third-party kexts.
If the LocalPolicy didn’t disable it, iBoot verifies the root signature hash for the signed system volume (SSV).
From a shutdown state, press and hold the power button.
Boot ROM hands off to LLB.
LLB loads system-paired firmware and the LocalPolicy for the recoveryOS.
LLB locks an indication into the Boot Progress Register that it’s booting into recoveryOS, and hands off to iBoot for recoveryOS.
iBoot loads the macOS-paired firmware, the trust cache, the device tree, and the Boot Kernel Collection.
Note: Security downgrades aren’t allowed on the recoveryOS LocalPolicy.
From a shutdown state, double-press and hold the power button.
The process is the same as the recoveryOS boot, except that it boots to a second copy of recoveryOS that is kept for resiliency. However, LLB doesn’t lock an indication into the Boot Progress Register saying it is going into recoveryOS, and therefore the fallback recoveryOS doesn’t have the capability to change the system security state.
Boot into recoveryOS per the above, then hold Shift while selecting the startup volume.
Boots to recoveryOS as per the above.
Holding the Shift key while selecting a volume causes the BootPicker application to approve that macOS for booting, as normal, but also to set an NVRAM variable that tells iBoot not to load the AuxKC on the next boot.
The system reboots and boots to the targeted volume, but iBoot doesn’t load the AuxKC.