avoid EFIv2 runtime services on Apple x86 machines

[eduardacatrinei]

While booting a MacBookPro15,2 (the last Intel model, 2019).
The shim 15.8 got stuck in RT->QueryVariableInfo().
Previously, these devices shipped with EFI firmware version 1.10, and we had a quirk in place for this (#364)
However, Apple updated the firmware to version 2.40, but it still doesn't implement runtime services.

Logs and a screen recording have been attached to this comment.
#364 (comment)

Related to:
#385
#457
https://nvd.nist.gov/vuln/detail/CVE-2022-48769

[eduardacatrinei]

@vathpela can you take a look here?

[AdityaGarg8]

Does this make Apple's T2 chip recognise the signature? Or it just makes it bootable with secure boot turned off?

[eduardacatrinei]

This will help prevent a black screen when trying a distro based on shim.
According with Apple_T2_Security_Chip_Overview, it will not recognize the signature.

NOTE: There is currently no trust provided for the the Microsoft Corporation
UEFI CA 2011, which would allow verification of code signed by Microsoft
partners. This UEFI CA is commonly used to verify the authenticity of
bootloaders for other operating systems such as Linux variants.