mirror of
https://github.com/dortania/OpenCore-Legacy-Patcher.git
synced 2026-06-21 22:50:51 +10:00
SIP: Move to py_sip_xnu module
This commit is contained in:
Mykola Grymalyuk
@@ -11,6 +11,7 @@
|
|||||||
- Remove `Force Web Drivers` option
|
- Remove `Force Web Drivers` option
|
||||||
- Avoids accidental use of non-Metal Web Drivers on Kepler GPUs
|
- Avoids accidental use of non-Metal Web Drivers on Kepler GPUs
|
||||||
- Resolve silent auto patcher crash when new OCLP version is available
|
- Resolve silent auto patcher crash when new OCLP version is available
|
||||||
|
- Implement [`py_sip_xnu`](https://github.com/khronokernel/py_sip_xnu) module
|
||||||
|
|
||||||
## 0.5.2
|
## 0.5.2
|
||||||
- Ventura Specific Updates:
|
- Ventura Specific Updates:
|
||||||
|
|||||||
+2
-1
@@ -16,6 +16,7 @@ from pathlib import Path
|
|||||||
import binascii
|
import binascii
|
||||||
import hashlib
|
import hashlib
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
import py_sip_xnu
|
||||||
|
|
||||||
from resources import constants, defaults, install, installer, utilities, run, generate_smbios, updates, integrity_verification, global_settings, kdk_handler
|
from resources import constants, defaults, install, installer, utilities, run, generate_smbios, updates, integrity_verification, global_settings, kdk_handler
|
||||||
from resources.sys_patch import sys_patch_download, sys_patch_detect, sys_patch, sys_patch_auto
|
from resources.sys_patch import sys_patch_download, sys_patch_detect, sys_patch, sys_patch_auto
|
||||||
@@ -3344,7 +3345,7 @@ class wx_python_gui:
|
|||||||
)
|
)
|
||||||
self.sip_label_2.Center(wx.HORIZONTAL)
|
self.sip_label_2.Center(wx.HORIZONTAL)
|
||||||
|
|
||||||
self.sip_label_2_2 = wx.StaticText(self.frame_modal, label=f"Currently Booted SIP: {hex(utilities.csr_dump())}")
|
self.sip_label_2_2 = wx.StaticText(self.frame_modal, label=f"Currently Booted SIP: {hex(py_sip_xnu.SipXnu().get_sip_status().value)}")
|
||||||
self.sip_label_2_2.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
|
self.sip_label_2_2.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
|
||||||
self.sip_label_2_2.SetPosition(
|
self.sip_label_2_2.SetPosition(
|
||||||
wx.Point(self.sip_label_2.GetPosition().x, self.sip_label_2.GetPosition().y + self.sip_label_2.GetSize().height + 5)
|
wx.Point(self.sip_label_2.GetPosition().x, self.sip_label_2.GetPosition().y + self.sip_label_2.GetSize().height + 5)
|
||||||
|
|||||||
@@ -3,3 +3,4 @@ pyobjc
|
|||||||
wxpython
|
wxpython
|
||||||
pyinstaller
|
pyinstaller
|
||||||
packaging
|
packaging
|
||||||
|
py_sip_xnu
|
||||||
@@ -7,6 +7,8 @@ from resources import constants, device_probe, utilities, amfi_detect
|
|||||||
from resources.sys_patch import sys_patch_helpers
|
from resources.sys_patch import sys_patch_helpers
|
||||||
from data import model_array, os_data, sip_data, sys_patch_dict
|
from data import model_array, os_data, sip_data, sys_patch_dict
|
||||||
|
|
||||||
|
import py_sip_xnu
|
||||||
|
|
||||||
class detect_root_patch:
|
class detect_root_patch:
|
||||||
def __init__(self, model, versions):
|
def __init__(self, model, versions):
|
||||||
self.model = model
|
self.model = model
|
||||||
@@ -357,7 +359,7 @@ class detect_root_patch:
|
|||||||
"Settings: Kernel Debug Kit missing": self.missing_kdk if self.constants.detected_os >= os_data.os_data.ventura.value else False,
|
"Settings: Kernel Debug Kit missing": self.missing_kdk if self.constants.detected_os >= os_data.os_data.ventura.value else False,
|
||||||
"Validation: Patching Possible": self.verify_patch_allowed(),
|
"Validation: Patching Possible": self.verify_patch_allowed(),
|
||||||
f"Validation: SIP is enabled (Required: {self.check_sip()[2]} or higher)": self.sip_enabled,
|
f"Validation: SIP is enabled (Required: {self.check_sip()[2]} or higher)": self.sip_enabled,
|
||||||
f"Validation: Currently Booted SIP: ({hex(utilities.csr_dump())})": self.sip_enabled,
|
f"Validation: Currently Booted SIP: ({hex(py_sip_xnu.SipXnu().get_sip_status().value)})": self.sip_enabled,
|
||||||
"Validation: SecureBootModel is enabled": self.sbm_enabled,
|
"Validation: SecureBootModel is enabled": self.sbm_enabled,
|
||||||
f"Validation: {'AMFI' if self.constants.host_is_hackintosh is True or self.get_amfi_level_needed() > 2 else 'Library Validation'} is enabled": self.amfi_enabled if self.amfi_must_disable is True else False,
|
f"Validation: {'AMFI' if self.constants.host_is_hackintosh is True or self.get_amfi_level_needed() > 2 else 'Library Validation'} is enabled": self.amfi_enabled if self.amfi_must_disable is True else False,
|
||||||
"Validation: FileVault is enabled": self.fv_enabled,
|
"Validation: FileVault is enabled": self.fv_enabled,
|
||||||
|
|||||||
+3
-18
@@ -9,14 +9,14 @@ from pathlib import Path
|
|||||||
import os
|
import os
|
||||||
import binascii
|
import binascii
|
||||||
import argparse
|
import argparse
|
||||||
from ctypes import CDLL, c_uint, byref
|
|
||||||
import time
|
import time
|
||||||
import atexit
|
import atexit
|
||||||
import requests
|
import requests
|
||||||
import shutil
|
import shutil
|
||||||
import urllib.parse
|
import urllib.parse
|
||||||
|
import py_sip_xnu
|
||||||
|
|
||||||
from resources import constants, ioreg, amfi_detect
|
from resources import constants, ioreg
|
||||||
from data import sip_data, os_data
|
from data import sip_data, os_data
|
||||||
|
|
||||||
SESSION = requests.Session()
|
SESSION = requests.Session()
|
||||||
@@ -102,24 +102,9 @@ def check_filesystem_type():
|
|||||||
filesystem_type = plistlib.loads(subprocess.run(["diskutil", "info", "-plist", "/"], stdout=subprocess.PIPE).stdout.decode().strip().encode())
|
filesystem_type = plistlib.loads(subprocess.run(["diskutil", "info", "-plist", "/"], stdout=subprocess.PIPE).stdout.decode().strip().encode())
|
||||||
return filesystem_type["FilesystemType"]
|
return filesystem_type["FilesystemType"]
|
||||||
|
|
||||||
def csr_dump():
|
|
||||||
# Based off sip_config.py
|
|
||||||
# https://gist.github.com/pudquick/8b320be960e1654b908b10346272326b
|
|
||||||
# https://opensource.apple.com/source/xnu/xnu-7195.141.2/libsyscall/wrappers/csr.c.auto.html
|
|
||||||
# Far more reliable than parsing NVRAM's csr-active-config (ie. user can wipe it, boot.efi can strip bits)
|
|
||||||
|
|
||||||
# Note that 'csr_get_active_config' was not introduced until 10.11
|
|
||||||
try:
|
|
||||||
libsys = CDLL('/usr/lib/libSystem.dylib')
|
|
||||||
raw = c_uint(0)
|
|
||||||
errmsg = libsys.csr_get_active_config(byref(raw))
|
|
||||||
return raw.value
|
|
||||||
except AttributeError:
|
|
||||||
return 0
|
|
||||||
|
|
||||||
|
|
||||||
def csr_decode(os_sip):
|
def csr_decode(os_sip):
|
||||||
sip_int = csr_dump()
|
sip_int = py_sip_xnu.SipXnu().get_sip_status().value
|
||||||
for i, current_sip_bit in enumerate(sip_data.system_integrity_protection.csr_values):
|
for i, current_sip_bit in enumerate(sip_data.system_integrity_protection.csr_values):
|
||||||
if sip_int & (1 << i):
|
if sip_int & (1 << i):
|
||||||
sip_data.system_integrity_protection.csr_values[current_sip_bit] = True
|
sip_data.system_integrity_protection.csr_values[current_sip_bit] = True
|
||||||
|
|||||||
Reference in New Issue
Block a user