The original M1 chip was introduced in November 2020, and was followed by the professional-focused M1 Pro and M1 Max chips in October 2021. The M1 Max is a higher-powered version of the M1 Pro, with more
GPU cores and
memory bandwidth, a larger
die size, and a large used interconnect. Apple introduced the M1 Ultra in 2022, a desktop
workstation chip containing two interconnected M1 Max units. These chips differ largely in size and the number of functional units: for example, while the original M1 has about 16 billion
transistors, the M1 Ultra has 114 billion.
Apple's
macOS and
iPadOSoperating systems both run on the M1. Initial support for the M1 SoC in the
Linux kernel was released in version 5.13 on June 27, 2021.[6]
The initial versions of the M1 chips contain an architectural defect that permits sandboxed applications to exchange data, violating the security model, an issue that has been described as "mostly harmless".[7]
Design
CPU
The M1 has four high-performance "Firestorm" and four energy-efficient "Icestorm"
cores, first seen on the
A14 Bionic. It has a
hybrid configuration similar to
ARM big.LITTLE and Intel's
Lakefield processors.[8] This combination allows power-use optimizations not possible with previous
Apple–Intel architecture devices. Apple claims the energy-efficient cores use one-tenth the power of the high-performance ones.[9] The high-performance cores have an unusually large[10] 192 KB of L1
instruction cache and 128 KB of L1 data cache and share a 12 MB L2 cache; the energy-efficient cores have a 128 KB L1 instruction cache, 64 KB L1 data cache, and a shared 4 MB L2 cache. The SoC also has an 8 MB System Level Cache shared by the GPU.
M1 Pro and M1 Max
The M1 Pro and M1 Max use the same
ARM big.LITTLE design as the M1, with eight high-performance "Firestorm" (six in the
lower-binned variants of the M1 Pro) and two energy-efficient "Icestorm"
cores, providing a total of ten cores (eight in the lower-binned variants of the M1 Pro).[11] The high-performance cores are clocked at 3228 MHz, and the high-efficiency cores are clocked at 2064 MHz. The eight high-performance cores are split into two clusters. Each high-performance cluster shares 12 MB of L2 cache. The two high-efficiency cores share 4 MB of L2 cache. The M1 Pro and M1 Max have 24 MB and 48 MB respectively of system level cache (SLC).[12]
M1 Ultra
The M1 Ultra consists of two M1 Max units connected with UltraFusion Interconnect with a total of 20 CPU cores and 96 MB system level cache (SLC).
GPU
The M1 integrates an Apple designed[13] eight-core (seven in some base models) graphics processing unit (GPU). Each GPU core is split into 16
execution units (EUs), which each contain 8
arithmetic logic units (ALUs). In total, the M1 GPU contains up to 128 EUs and 1024 ALUs,[14] which Apple says can execute up to 24,576 threads simultaneously and which have a maximum floating point (FP32) performance of 2.6
TFLOPs.[8][15]
The M1 Pro integrates a 16-core (14 in some base models) graphics processing unit (GPU), while the M1 Max integrates a 32-core (24 in some base models) GPU. In total, the M1 Max GPU contains up to 512
execution units or 4096 ALUs, which have a maximum floating point (FP32) performance of 10.4
TFLOPs.
The M1 Ultra features a 48- or 64-core GPU with up to 8192 ALUs and 21 TFLOPs of FP32 performance.
The M1 uses a 128-bit
LPDDR4X SDRAM[16] in a
unified memory configuration shared by all the components of the processor, aka memory on package (MOP). The SoC and DRAM chips are mounted together in a
system-in-a-package design. 8 GB and 16 GB configurations are available.
The M1 Pro has 256-bit
LPDDR5 SDRAM, and the M1 Max has 512-bit LPDDR5 SDRAM memory. While the M1 SoC has 66.67 GB/s memory bandwidth, the M1 Pro has 200 GB/s bandwidth and the M1 Max has 400 GB/s bandwidth.[8] The M1 Pro comes in memory configurations of 16 GB and 32 GB, and the M1 Max comes in configurations of 32 GB and 64 GB.[17]
The M1 Ultra doubles the specs of the M1 Max for a 1024-bit or 1-kilobit memory bus with 800 GB/s bandwidth in a 64 GB or 128 GB configuration.
Other features
The M1 is the successor to and integrates all functionality of the Apple T2 chip that was present in Intel-based Macs. It keeps bridgeOS and sepOS active even if the main computer is in a halted low power mode to handle and store encryption keys, including keys for Touch ID, FileVault, macOS Keychain, and UEFI firmware passwords. It also stores the machine's unique ID (UID) and group ID (GID).
The M1 has video codec encoding support for
HEVC and
H.264. It has decoding support for HEVC, H.264, and
ProRes.[18] The M1 Pro, M1 Max, and M1 Ultra have a media engine which has hardware-accelerated H.264, HEVC, ProRes, and ProRes RAW. This media engine includes a video decode engine (the M1 Ultra has two), a video encode engine (the M1 Max has two and the M1 Ultra has four), and a ProRes encode and decode engine (again the M1 Max has two and the M1 Ultra has four).[19][20]
The M1 Max supports High Power Mode on the 16-inch MacBook Pro for intensive tasks.[21] The M1 Pro supports two 6K displays at 60 Hz over Thunderbolt, while the M1 Max supports a third 6K display over Thunderbolt and a
4K monitor over
HDMI 2.0.[17] All parameters of the M1 Max processors are doubled in M1 Ultra processors, as they are essentially two M1 Max processors operating in parallel; they are in a single package (in size being bigger than
Socket AM4AMD Ryzen processors)[22] and seen as one processor in macOS.
The 2020 M1-equipped
Mac Mini draws 7 watts when idle and 39 watts at maximum load,[24] compared to 20 watts at idle and 122 watts maximum load for the 2018 6-core Core i7 Mac Mini.[25] The
energy efficiency of the M1 increases battery life of M1-based MacBooks by 50% compared to previous Intel-based MacBooks.[26]
At release, the MacBook Air (M1, 2020) and MacBook Pro (M1, 2020) were praised by critics for their CPU performance and battery life, particularly compared to previous MacBooks.[27][28]
After its release, some users who charged M1 devices through USB-C hubs reported
bricking their device.[34] The devices that are reported to cause this issue were third-party USB-C hubs and non-Thunderbolt docks (excluding Apple's own dongle).[34] Apple handled this issue by replacing the logic board and by telling its customers not to charge through those hubs.[34]macOS Big Sur 11.2.2 includes a fix to prevent 2019 or later MacBook Pro models and 2020 or later MacBook Air models from being damaged by certain third-party USB-C hubs and docks.[35][36]
Security vulnerabilities
M1racles
A flaw in M1 processors, given the name "M1racles", was announced in May 2021. Two sandboxed applications can exchange data without the system's knowledge by using an unintentionally writable
processor register as a
covert channel, violating the security model and constituting a minor vulnerability. It was discovered by
Hector Martin, founder of the
Asahi Linux project for Linux on Apple Silicon.[37]
In June 2022,
MIT researchers announced they had found a
speculative execution vulnerability in M1 chips which they called "Pacman" after pointer authentication codes (PAC).[39] Apple said they did not believe this posed a serious threat to users.[40]
Security vulnerability (CVE-2022-32947)
In 2022, an exploit regarding the M1's page table translations was found by Asahi Lina, a YouTuber and one of the developers involved in Asahi Linux for the GPU: the exploit was discovered by accident during initial reverse engineering efforts of the GPU in the middle of a live-stream. The exploit involved the use of the user having firmware read-write permissions, Apple's Page Translation Lookup Table, registers, and the uPPL. Using
return-oriented programming, the exploit took the form of a shader that would have several components be integrated into the micro sequence in the hardware, generate a fake page table, changing registers to point towards the new page table, and invoking the Lookup Table to perform a uPPL call. As the uPPL had the ability to modify the page table contents, and the lookup table had the unrestricted ability to perform a uPPL call, an attacker can use this exploit to gain root privileges with the fake page table being referenced by the registers: after the fake page table is mapped over the original from the uPPL-Lookup Table vulnerability, and the registers are reset, the attacker then can modify variables to be run as root.
The exploit was considered unique as it involved the use of a shader instead of more traditional means, but the exploit would be categorized under the “Device Attack via user-installed app” category, and was worth $150,000.
A full video was posted in September 2023 that demonstrated the full exploit,[41] along with a website that included information on how the exploit worked. The site also had a JavaScript emulated micro sequence that demonstrated each step of the process.[42]
^Ravichandran, Joseph; Na, Weon Taek; Lang, Jay; Yan, Mengjia (2022). "PACMAN: Attacking ARM Pointer Authentication with Speculative Execution". Proceedings of the 49th Annual International Symposium on Computer Architecture. 49th Annual International Symposium on Computer Architecture. New York: Association for Computing Machinery.
doi:10.1145/3470496.3527429.
hdl:1721.1/146470.
ISBN9781450386104.
S2CID249205178.
^GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers. Boru Chen and Yingchen Wang and Pradyumna Shome and Christopher W. Fletcher and David Kohlbrenner and Riccardo Paccagnella and Daniel Genkin. USENIX Security 2024.
The original M1 chip was introduced in November 2020, and was followed by the professional-focused M1 Pro and M1 Max chips in October 2021. The M1 Max is a higher-powered version of the M1 Pro, with more
GPU cores and
memory bandwidth, a larger
die size, and a large used interconnect. Apple introduced the M1 Ultra in 2022, a desktop
workstation chip containing two interconnected M1 Max units. These chips differ largely in size and the number of functional units: for example, while the original M1 has about 16 billion
transistors, the M1 Ultra has 114 billion.
Apple's
macOS and
iPadOSoperating systems both run on the M1. Initial support for the M1 SoC in the
Linux kernel was released in version 5.13 on June 27, 2021.[6]
The initial versions of the M1 chips contain an architectural defect that permits sandboxed applications to exchange data, violating the security model, an issue that has been described as "mostly harmless".[7]
Design
CPU
The M1 has four high-performance "Firestorm" and four energy-efficient "Icestorm"
cores, first seen on the
A14 Bionic. It has a
hybrid configuration similar to
ARM big.LITTLE and Intel's
Lakefield processors.[8] This combination allows power-use optimizations not possible with previous
Apple–Intel architecture devices. Apple claims the energy-efficient cores use one-tenth the power of the high-performance ones.[9] The high-performance cores have an unusually large[10] 192 KB of L1
instruction cache and 128 KB of L1 data cache and share a 12 MB L2 cache; the energy-efficient cores have a 128 KB L1 instruction cache, 64 KB L1 data cache, and a shared 4 MB L2 cache. The SoC also has an 8 MB System Level Cache shared by the GPU.
M1 Pro and M1 Max
The M1 Pro and M1 Max use the same
ARM big.LITTLE design as the M1, with eight high-performance "Firestorm" (six in the
lower-binned variants of the M1 Pro) and two energy-efficient "Icestorm"
cores, providing a total of ten cores (eight in the lower-binned variants of the M1 Pro).[11] The high-performance cores are clocked at 3228 MHz, and the high-efficiency cores are clocked at 2064 MHz. The eight high-performance cores are split into two clusters. Each high-performance cluster shares 12 MB of L2 cache. The two high-efficiency cores share 4 MB of L2 cache. The M1 Pro and M1 Max have 24 MB and 48 MB respectively of system level cache (SLC).[12]
M1 Ultra
The M1 Ultra consists of two M1 Max units connected with UltraFusion Interconnect with a total of 20 CPU cores and 96 MB system level cache (SLC).
GPU
The M1 integrates an Apple designed[13] eight-core (seven in some base models) graphics processing unit (GPU). Each GPU core is split into 16
execution units (EUs), which each contain 8
arithmetic logic units (ALUs). In total, the M1 GPU contains up to 128 EUs and 1024 ALUs,[14] which Apple says can execute up to 24,576 threads simultaneously and which have a maximum floating point (FP32) performance of 2.6
TFLOPs.[8][15]
The M1 Pro integrates a 16-core (14 in some base models) graphics processing unit (GPU), while the M1 Max integrates a 32-core (24 in some base models) GPU. In total, the M1 Max GPU contains up to 512
execution units or 4096 ALUs, which have a maximum floating point (FP32) performance of 10.4
TFLOPs.
The M1 Ultra features a 48- or 64-core GPU with up to 8192 ALUs and 21 TFLOPs of FP32 performance.
The M1 uses a 128-bit
LPDDR4X SDRAM[16] in a
unified memory configuration shared by all the components of the processor, aka memory on package (MOP). The SoC and DRAM chips are mounted together in a
system-in-a-package design. 8 GB and 16 GB configurations are available.
The M1 Pro has 256-bit
LPDDR5 SDRAM, and the M1 Max has 512-bit LPDDR5 SDRAM memory. While the M1 SoC has 66.67 GB/s memory bandwidth, the M1 Pro has 200 GB/s bandwidth and the M1 Max has 400 GB/s bandwidth.[8] The M1 Pro comes in memory configurations of 16 GB and 32 GB, and the M1 Max comes in configurations of 32 GB and 64 GB.[17]
The M1 Ultra doubles the specs of the M1 Max for a 1024-bit or 1-kilobit memory bus with 800 GB/s bandwidth in a 64 GB or 128 GB configuration.
Other features
The M1 is the successor to and integrates all functionality of the Apple T2 chip that was present in Intel-based Macs. It keeps bridgeOS and sepOS active even if the main computer is in a halted low power mode to handle and store encryption keys, including keys for Touch ID, FileVault, macOS Keychain, and UEFI firmware passwords. It also stores the machine's unique ID (UID) and group ID (GID).
The M1 has video codec encoding support for
HEVC and
H.264. It has decoding support for HEVC, H.264, and
ProRes.[18] The M1 Pro, M1 Max, and M1 Ultra have a media engine which has hardware-accelerated H.264, HEVC, ProRes, and ProRes RAW. This media engine includes a video decode engine (the M1 Ultra has two), a video encode engine (the M1 Max has two and the M1 Ultra has four), and a ProRes encode and decode engine (again the M1 Max has two and the M1 Ultra has four).[19][20]
The M1 Max supports High Power Mode on the 16-inch MacBook Pro for intensive tasks.[21] The M1 Pro supports two 6K displays at 60 Hz over Thunderbolt, while the M1 Max supports a third 6K display over Thunderbolt and a
4K monitor over
HDMI 2.0.[17] All parameters of the M1 Max processors are doubled in M1 Ultra processors, as they are essentially two M1 Max processors operating in parallel; they are in a single package (in size being bigger than
Socket AM4AMD Ryzen processors)[22] and seen as one processor in macOS.
The 2020 M1-equipped
Mac Mini draws 7 watts when idle and 39 watts at maximum load,[24] compared to 20 watts at idle and 122 watts maximum load for the 2018 6-core Core i7 Mac Mini.[25] The
energy efficiency of the M1 increases battery life of M1-based MacBooks by 50% compared to previous Intel-based MacBooks.[26]
At release, the MacBook Air (M1, 2020) and MacBook Pro (M1, 2020) were praised by critics for their CPU performance and battery life, particularly compared to previous MacBooks.[27][28]
After its release, some users who charged M1 devices through USB-C hubs reported
bricking their device.[34] The devices that are reported to cause this issue were third-party USB-C hubs and non-Thunderbolt docks (excluding Apple's own dongle).[34] Apple handled this issue by replacing the logic board and by telling its customers not to charge through those hubs.[34]macOS Big Sur 11.2.2 includes a fix to prevent 2019 or later MacBook Pro models and 2020 or later MacBook Air models from being damaged by certain third-party USB-C hubs and docks.[35][36]
Security vulnerabilities
M1racles
A flaw in M1 processors, given the name "M1racles", was announced in May 2021. Two sandboxed applications can exchange data without the system's knowledge by using an unintentionally writable
processor register as a
covert channel, violating the security model and constituting a minor vulnerability. It was discovered by
Hector Martin, founder of the
Asahi Linux project for Linux on Apple Silicon.[37]
In June 2022,
MIT researchers announced they had found a
speculative execution vulnerability in M1 chips which they called "Pacman" after pointer authentication codes (PAC).[39] Apple said they did not believe this posed a serious threat to users.[40]
Security vulnerability (CVE-2022-32947)
In 2022, an exploit regarding the M1's page table translations was found by Asahi Lina, a YouTuber and one of the developers involved in Asahi Linux for the GPU: the exploit was discovered by accident during initial reverse engineering efforts of the GPU in the middle of a live-stream. The exploit involved the use of the user having firmware read-write permissions, Apple's Page Translation Lookup Table, registers, and the uPPL. Using
return-oriented programming, the exploit took the form of a shader that would have several components be integrated into the micro sequence in the hardware, generate a fake page table, changing registers to point towards the new page table, and invoking the Lookup Table to perform a uPPL call. As the uPPL had the ability to modify the page table contents, and the lookup table had the unrestricted ability to perform a uPPL call, an attacker can use this exploit to gain root privileges with the fake page table being referenced by the registers: after the fake page table is mapped over the original from the uPPL-Lookup Table vulnerability, and the registers are reset, the attacker then can modify variables to be run as root.
The exploit was considered unique as it involved the use of a shader instead of more traditional means, but the exploit would be categorized under the “Device Attack via user-installed app” category, and was worth $150,000.
A full video was posted in September 2023 that demonstrated the full exploit,[41] along with a website that included information on how the exploit worked. The site also had a JavaScript emulated micro sequence that demonstrated each step of the process.[42]
^Ravichandran, Joseph; Na, Weon Taek; Lang, Jay; Yan, Mengjia (2022). "PACMAN: Attacking ARM Pointer Authentication with Speculative Execution". Proceedings of the 49th Annual International Symposium on Computer Architecture. 49th Annual International Symposium on Computer Architecture. New York: Association for Computing Machinery.
doi:10.1145/3470496.3527429.
hdl:1721.1/146470.
ISBN9781450386104.
S2CID249205178.
^GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers. Boru Chen and Yingchen Wang and Pradyumna Shome and Christopher W. Fletcher and David Kohlbrenner and Riccardo Paccagnella and Daniel Genkin. USENIX Security 2024.