Add better FV patch detection

OpenCore-Patcher.command

@@ -33,7 +33,7 @@ class OpenCoreLegacyPatcher:
             self.constants.disable_cs_lv = True
 
         if model in ModelArray.LegacyGPU:
-            if Utilities.check_metal_support(device_probe, self.computer) is True:
+            if host_is_target and Utilities.check_metal_support(device_probe, self.computer) is True:
                 # Building on device and we have a native, supported GPU
                 self.constants.sip_status = True
                 # self.constants.secure_status = True  # Monterey

Resources/Build.py

@@ -710,6 +710,8 @@ class BuildOpenCore:
             # Note this function was added in 11.3 (20E232, 20.4), older builds do not support this (ie. 11.2.3)
             print("- Allowing FileVault on Root Patched systems")
             self.get_item_by_kv(self.config["Kernel"]["Patch"], "Identifier", "com.apple.filesystems.apfs")["Enabled"] = True
+            # Lets us check in SysPatch.py if config supports FileVault
+            self.config["NVRAM"]["Add"]["4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102"]["OCLP-Settings"] += "-allow_fv"
 
     def set_smbios(self):
         spoofed_model = self.model

Resources/Constants.py

@@ -781,6 +781,8 @@ class Constants:
         "iMac16,1": "Mac-A369DDC4E67F1C45",
         "iMac16,2": "Mac-FFE5EF870D7BA81A",
         "iMac17,1": "Mac-DB15BD556843C820",
+        # iMac17,1": "Mac-65CE76090165799A",
+        # iMac17,1": "Mac-B809C3757DA9BB8D",
         "iMac18,1": "Mac-4B682C642B45593E",
         "iMac18,2": "Mac-77F17D7DA9285301",
         "iMac18,3": "Mac-BE088AF8C5EB4FA2",

Resources/SysPatch.py

@@ -422,7 +422,7 @@ set million colour before rebooting"""
             )
             Utilities.process_status(self.elevated(["chmod", "755", f"{self.mount_lauchd}/IOHID-Fixup.plist"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT))
             Utilities.process_status(self.elevated(["chown", "root:wheel", f"{self.mount_lauchd}/IOHID-Fixup.plist"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT))
-        elif Utilities.check_oclp_boot() is False:
+        elif Utilities.check_filevault_skip() is False:
             # Assume non-OCLP Macs don't have _cs_require_lv
             print("- Disabling Library Validation")
             Utilities.process_status(

Resources/Utilities.py

@@ -165,6 +165,12 @@ def check_metal_support(device_probe, computer):
     else:
         return True
 
+def check_filevault_skip():
+    # Check whether we can skip FileVault check with Root Patching
+    if get_nvram("OCLP-Settings", "4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102", decode=False) and "-allow_fv" in get_nvram("OCLP-Settings", "4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102", decode=False):
+        return True
+    else:
+        return False
 
 def patching_status(os_sip, os):
     # Detection for Root Patching
@@ -190,7 +196,7 @@ def patching_status(os_sip, os):
     if get_nvram("csr-active-config", decode=False) and csr_decode(get_nvram("csr-active-config", decode=False), os_sip) is False:
         sip_enabled = False
 
-    if os > Constants.Constants().catalina and not check_oclp_boot():
+    if os > Constants.Constants().catalina and not check_filevault_skip():
         # Assume non-OCLP Macs do not have our APFS seal patch
         fv_status: str = subprocess.run("fdesetup status".split(), stdout=subprocess.PIPE, stderr=subprocess.STDOUT).stdout.decode()
         if "FileVault is Off" in fv_status:

payloads/Config/config.plist

@@ -1292,6 +1292,8 @@
 			<dict>
 				<key>OCLP-Version</key>
 				<string></string>
+				<key>OCLP-Settings</key>
+				<string></string>
 			</dict>
 			<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
 			<dict>
@@ -1312,6 +1314,7 @@
 			<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
 			<array>
 				<string>OCLP-Version</string>
+				<string>OCLP-Settings</string>
 				<string>revcpu</string>
 				<string>revcpuname</string>
 			</array>