What's New / Storage, System & Virtualization

What's new in Virtualization

+30 NewmacOS

Virtualization creates and runs virtual machines on Apple silicon and Intel Macs. It configures guest devices such as disks, storage attachments, and EFI boot, and presents the running VM in a view.

30 new APIs, no deprecations or removals. Secure Boot management arrives on EFI machines via enableSecureBoot, enableSecureBootUsingDefaultPlatformKey, disableSecureBoot, resetSecureBoot, enrollDefaultSecureBootSignatures, and enrollSecureBootSignatures, backed by the new types VZEFISignature, VZEFISignatureList, and VZEFIVariableStore. Custom Virtio device support is also new, through the VZCustomVirtioDeviceConfigurationDelegate and VZCustomVirtioDeviceDelegate protocols, the VZVirtualMachineViewAdaptor struct, VZDiskImageStorageDeviceAttachment, and the VZError.Code.guestProvisioningInvalidFullName error case.

New

30
var

customVirtioDevices

NewmacOS
open var customVirtioDevices: [VZCustomVirtioDeviceConfiguration]
var

delegate

NewmacOS
weak open var delegate: (any VZUSBController.Delegate)?
func

disableSecureBoot

NewmacOS
open func disableSecureBoot() throws
func

enableSecureBoot

NewmacOS
open func enableSecureBoot(platformKey: SecCertificate) throws
func

enableSecureBootUsingDefaultPlatformKey

NewmacOS
open func enableSecureBootUsingDefaultPlatformKey() throws
func

enrollDefaultSecureBootSignatures

NewmacOS
open func enrollDefaultSecureBootSignatures() throws
func

enrollSecureBootSignatures

NewmacOS
open func enrollSecureBootSignatures(_ signatures: VZEFISignatureDatabaseConfiguration) throws
var

guestProvisioningOptions

NewmacOS
open var guestProvisioningOptions: VZMacGuestProvisioningOptions? { get }

A value that controls provisioning a macOS guest.

This property allows someone to provision a macOS guest by setting VZMacGuestProvisioningOptions.

var

label

NewmacOS
open var label: String?

An optional label for the virtual machine.

The framework uses this string as part of the name of the virtual machine in some system services. The label must be non-empty, less than or equal to 64 characters in length, and contain at least one non-whitespace character.

func

resetSecureBoot

NewmacOS
open func resetSecureBoot() throws
func

setGuestProvisioning

NewmacOS
open func setGuestProvisioning(_ guestProvisioningOptions: VZMacGuestProvisioningOptions?) throws

Sets guest provisioning options with validation.

This method validates the provisioning options before setting them. If validation fails, the current options remain unchanged.

## See Also

  • VZMacGuestProvisioningOptions

Parameters

guestProvisioningOptions
The guest provisioning options to set, or nil to remove.
error
On input, a pointer to an error object. If an error occurs, the framework sets this pointer to an actual error object containing the error.

ReturnsYES if the options were set successfully (or nil was passed), NO if validation failed.

protocol

VZCustomVirtioDeviceConfigurationDelegate

NewmacOS
public protocol VZCustomVirtioDeviceConfigurationDelegate : NSObjectProtocol
Declaration
public protocol VZCustomVirtioDeviceConfigurationDelegate : NSObjectProtocol {

    /**
     A method the framework calls when it creates a custom Virtio device from a custom Virtio device configuration.
    
      The Virtualization framework creates a ``VZCustomVirtioDevice`` when you call ``VZVirtualMachine/initWithConfiguration:``
      and calls this method on the serial queue of the guest's ``VZVirtualMachine`` instance.
    
     - Parameters:
        - deviceConfiguration: The configuration calling the delegate method.
        - device: The ``VZCustomVirtioDevice`` that the framework created.
     */
    optional func customVirtioConfiguration(_ deviceConfiguration: VZCustomVirtioDeviceConfiguration, didCreateDevice device: VZCustomVirtioDevice)
}
protocol

VZCustomVirtioDeviceDelegate

NewmacOS
public protocol VZCustomVirtioDeviceDelegate : NSObjectProtocol
Declaration
public protocol VZCustomVirtioDeviceDelegate : NSObjectProtocol {

    /**
     The method the framework calls when the device receives a virtqueue (Virtio queue) notification from the guest.
    
     - Parameters:
        - device: The device invoking the delegate method.
        - queue: The queue that received the notification.
     */
    optional func customVirtioDevice(_ device: VZCustomVirtioDevice, didReceiveNotificationFor queue: VZVirtioQueue)

    /**
     The method the framework calls when the device and driver successfully complete Virtio negotiation.
    
     The guest driver sets the status to the value `DRIVER_OK`.
    
     - Parameter device: The device invoking the delegate method.
     */
    optional func customVirtioDeviceDidAcceptDriverOk(_ device: VZCustomVirtioDevice)

    /**
        The method the framework calls when a device will be stopped.
    
        A device is in a stopped state when its corresponding ``VZVirtualMachine`` has stopped. This can happen when the guest performs a shutdown operation itself,  or when you call ``VZVirtualMachine/requestStopWithError:``.
    
        - Parameter device: The device invoking the delegate method.
     */
    optional func customVirtioDeviceWillStop(_ device: VZCustomVirtioDevice)

    /**
        The method the framework calls when a device pauses.
    
        A device is in a paused state when its corresponding ``VZVirtualMachine`` is in a paused state. This happens when you call ``VZVirtualMachine/pauseWithCompletionHandler:``.
    
        - Parameter device: The device invoking the delegate method.
     */
    optional func customVirtioDeviceWillPause(_ device: VZCustomVirtioDevice)

    /**
        The method the framework calls when a device resumes.
    
        A device is in a resumed state when its corresponding ``VZVirtualMachine`` resumes from the paused state.
        This happens when you call ``VZVirtualMachine/resumeWithCompletionHandler:``.
    
        - Parameter device: The device invoking the delegate method.
     */
    optional func customVirtioDeviceWillResume(_ device: VZCustomVirtioDevice)

    /**
     The method the framework calls when a device resets.
    
     You can initiate a reset by calling the ``VZCustomVirtioDevice/requestDeviceReset`` method, and the guest driver can also initiate the reset by itself. The framework calls this method when the reset completes for either scenario.
    
     - Parameter device: The device invoking the delegate method.
     */
    optional func customVirtioDeviceWillReset(_ device: VZCustomVirtioDevice)

    /**
     The method the framework calls when a device needs to save its state.
    
     Return the state data to save in an <doc://com.apple.documentation/documentation/foundation/nsdata> object.
     If there is no state to save, return an empty NSData object ([NSData data]).
    
     If you return `nil` from this method, the save operation fails.
    
     - Parameter device: The device invoking the delegate method.
     */
    optional func customVirtioDeviceSaveState(forRestore device: VZCustomVirtioDevice) -> Data?

    /**
     The method the framework calls when a device restores its state.
    
     This method should return `NO` if restore operation failed.
    
     - Parameters:
        - device: The device invoking the delegate method.
        - saveState: The data that the delegate returned from ``VZCustomVirtioDeviceDelegate/customVirtioDeviceSaveStateForRestore:``.
     */
    optional func customVirtioDeviceShouldRestore(_ device: VZCustomVirtioDevice, saveState: Data) -> Bool
}
extension

VZDiskImageStorageDeviceAttachment

NewmacOS
extension VZDiskImageStorageDeviceAttachment
Declaration
extension VZDiskImageStorageDeviceAttachment {

    /// Initialize the attachment from a DiskImage object.
    ///
    /// - Parameters:
    ///   - diskImage: DiskImage object from DiskImageKit framework. Supports both single and stacked disk images.
    ///   - cachingMode: The host-level data caching policy for the disk image. This is independent of cache layers in the disk image stack.
    ///   - synchronizationMode: How the disk image synchronizes with the underlying storage when the guest operating system flushes data.
    ///
    /// This initializer allows using DiskImage objects created with the DiskImageKit framework,
    /// including stacked images with cache and overlay layers.
    public convenience init(diskImage: DiskImage, cachingMode: VZDiskImageCachingMode = .automatic, synchronizationMode: VZDiskImageSynchronizationMode = .full) throws
}
enum

VZEFISignature

NewmacOS
public enum VZEFISignature : Sendable
Declaration
public enum VZEFISignature : Sendable {

    case x509Certificate(SecCertificate)

    case sha256(Data)
}
extension

VZEFISignatureList

NewmacOS
extension VZEFISignatureList
Declaration
extension VZEFISignatureList {

    public convenience init(signatures: [VZEFISignature])

    public var signatures: [VZEFISignature] { get }
}
extension

VZEFIVariableStore

NewmacOS
extension VZEFIVariableStore
Declaration
extension VZEFIVariableStore {

    /// A Boolean value that indicates whether Secure Boot is in an enabled state in the variable store.
    public var isSecureBootEnabled: Bool { get throws }

    /// The currently enrolled Key Exchange Key (KEK), allowed signature database (db), and forbidden signature database (dbx) signatures.
    public var enrolledSecureBootSignatures: VZEFISignatureDatabaseConfiguration { get throws }
}
extension

VZVirtualMachineView

NewmacOS
extension VZVirtualMachineView
Declaration
extension VZVirtualMachineView {

    /// The adaptor connecting this view to a virtual machine.
    ///
    /// Setting this property configures the view's virtual machine and display.
    /// When set, the ``VZVirtualMachineView/virtualMachine`` property is automatically set to `nil`.
    /// If the ``VZVirtualMachineView/virtualMachine`` is set, this is reset to `nil`.
    @MainActor @preconcurrency public var adaptor: VZVirtualMachineViewAdaptor?
}
struct

VZVirtualMachineViewAdaptor

NewmacOS
public struct VZVirtualMachineViewAdaptor : @unchecked Sendable

A sendable wrapper that connects a VZVirtualMachineView to a virtual machine.

VZVirtualMachineViewAdaptor enables Swift 6 strict concurrency when using VZVirtualMachineView. Since VZVirtualMachine operates on a specific dispatch queue and is not Sendable, assigning it directly to virtualMachine would be a compiler error when crossing isolation boundaries.

The adaptor holds a strong reference to the virtual machine, allowing it to be safely copied across actor boundaries.

## Example

// Create an adaptor from a virtual machine
let adaptor = VZVirtualMachineViewAdaptor(virtualMachine: vm)

// Pass the adaptor to a view on the main actor
await MainActor.run {
    view.adaptor = adaptor
}
Declaration
public struct VZVirtualMachineViewAdaptor : @unchecked Sendable {

    /// Initialize an adaptor for a virtual machine.
    ///
    /// If the virtual machine has graphics devices, the first display of the first
    /// graphics device is used. If the virtual machine has no graphics devices,
    /// the adaptor is created successfully but the view will have no display.
    ///
    /// - Parameter virtualMachine: The virtual machine to adapt.
    public init(virtualMachine: VZVirtualMachine)
}
var

VZError.efiSecureBootEnrollmentFailed

NewmacOS
public static var efiSecureBootEnrollmentFailed: VZError.Code { get }

An error that indicates the Secure Boot signatures failed to enroll.

var

VZError.efiVariableInaccessible

NewmacOS
public static var efiVariableInaccessible: VZError.Code { get }

An error that indicates the framework can't access the EFI variable store.

var

VZError.guestProvisioningInvalidFullName

NewmacOS
public static var guestProvisioningInvalidFullName: VZError.Code { get }

An error that indicates the full name for guest provisioning is invalid.

var

VZError.guestProvisioningInvalidPassword

NewmacOS
public static var guestProvisioningInvalidPassword: VZError.Code { get }

An error that indicates the password for guest provisioning is invalid.

var

VZError.guestProvisioningInvalidUsername

NewmacOS
public static var guestProvisioningInvalidUsername: VZError.Code { get }

An error that indicates the username for guest provisioning is invalid.

case

VZError.Code.efiSecureBootEnrollmentFailed

NewmacOS
case efiSecureBootEnrollmentFailed = 50001

An error that indicates the Secure Boot signatures failed to enroll.

case

VZError.Code.efiVariableInaccessible

NewmacOS
case efiVariableInaccessible = 50002

An error that indicates the framework can't access the EFI variable store.

case

VZError.Code.guestProvisioningInvalidFullName

NewmacOS
case guestProvisioningInvalidFullName = 40001

An error that indicates the full name for guest provisioning is invalid.

case

VZError.Code.guestProvisioningInvalidPassword

NewmacOS
case guestProvisioningInvalidPassword = 40003

An error that indicates the password for guest provisioning is invalid.

case

VZError.Code.guestProvisioningInvalidUsername

NewmacOS
case guestProvisioningInvalidUsername = 40002

An error that indicates the username for guest provisioning is invalid.

protocol

VZUSBController.Delegate

NewmacOS
public protocol Delegate : NSObjectProtocol
Declaration
public protocol Delegate : NSObjectProtocol {

    /**
     @abstract Invoked when a USB device's IOService is terminated.
     @discussion
        When invoked, the framework has detached the corresponding
        VZUSBPassthroughDevice from its VZUSBController and removed
        the device from the VZUSBController.usbDevices array.
     @param usbController The VZUSBController invoking the delegate method.
     @param device The VZUSBPassthroughDevice that disconnected.
    */
    optional func usbController(_ usbController: VZUSBController, usbPassthroughDeviceDidDisconnect device: VZUSBPassthroughDevice)
}

No APIs match your filter.

← More in Storage, System & Virtualization