timamsk/OpenCore-Legacy-Patcher
1
0
Fork 0
mirror of https://github.com/dortania/OpenCore-Legacy-Patcher.git synced 2026-06-20 14:10:51 +10:00
Code Issues Packages Projects Releases Wiki Activity

Lower SIP requirement

Browse Source
This commit is contained in:
Mykola Grymalyuk
2022-04-02 19:00:46 -06:00
parent e155613958
commit 357e446987
5 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+3
View File
@@ -1,6 +1,9 @@
# OpenCore Legacy Patcher changelog # OpenCore Legacy Patcher changelog
## 0.4.4 ## 0.4.4
- Lower SIP requirement for Root Patching
- Sets to 0x802 (previously 0xA03)
- Drops `CSR_ALLOW_UNTRUSTED_KEXTS` and `CSR_ALLOW_UNAPPROVED_KEXTS`
## 0.4.3 ## 0.4.3
- Increment Binaries: - Increment Binaries:
data/sip_data.py
-2
View File
@@ -122,9 +122,7 @@ class system_integrity_protection:
root_patch_sip_big_sur = [ root_patch_sip_big_sur = [
# Variables required to root patch in Big Sur and Monterey # Variables required to root patch in Big Sur and Monterey
"CSR_ALLOW_UNTRUSTED_KEXTS", # 0x1
"CSR_ALLOW_UNRESTRICTED_FS", # 0x2 - Required to mount and edit root volume, as well as load modded platform binaries "CSR_ALLOW_UNRESTRICTED_FS", # 0x2 - Required to mount and edit root volume, as well as load modded platform binaries
"CSR_ALLOW_UNAPPROVED_KEXTS", # 0x200
"CSR_ALLOW_UNAUTHENTICATED_ROOT", # 0x800 - Required to avoid KC mismatch kernel panic "CSR_ALLOW_UNAUTHENTICATED_ROOT", # 0x800 - Required to avoid KC mismatch kernel panic
] ]
gui/gui_main.py
+5 -5
View File
@@ -2253,7 +2253,7 @@ class wx_python_gui:
elif self.constants.sip_status is True: elif self.constants.sip_status is True:
self.sip_value = 0x00 self.sip_value = 0x00
else: else:
self.sip_value = 0xa03 self.sip_value = 0x802
self.sip_label_2 = wx.StaticText(self.frame, label=f"Currently configured SIP: {hex(self.sip_value)}") self.sip_label_2 = wx.StaticText(self.frame, label=f"Currently configured SIP: {hex(self.sip_value)}")
self.sip_label_2.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_BOLD)) self.sip_label_2.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_BOLD))
@@ -2262,21 +2262,21 @@ class wx_python_gui:
) )
self.sip_label_2.Center(wx.HORIZONTAL) self.sip_label_2.Center(wx.HORIZONTAL)
self.sip_label_3 = wx.StaticText(self.frame, label="For older Macs requiring root patching, we set SIP to\n be partially disabled (0xa03) to allow root patching.") self.sip_label_3 = wx.StaticText(self.frame, label="For older Macs requiring root patching, we set SIP to\n be partially disabled (0x802) to allow root patching.")
self.sip_label_3.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL)) self.sip_label_3.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
self.sip_label_3.SetPosition( self.sip_label_3.SetPosition(
wx.Point(self.sip_label_2.GetPosition().x, self.sip_label_2.GetPosition().y + self.sip_label_2.GetSize().height + 10) wx.Point(self.sip_label_2.GetPosition().x, self.sip_label_2.GetPosition().y + self.sip_label_2.GetSize().height + 10)
) )
self.sip_label_3.Center(wx.HORIZONTAL) self.sip_label_3.Center(wx.HORIZONTAL)
self.sip_label_4 = wx.StaticText(self.frame, label="This value (0xa03) corresponds to the following bits in csr.h:") self.sip_label_4 = wx.StaticText(self.frame, label="This value (0x802) corresponds to the following bits in csr.h:")
self.sip_label_4.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL)) self.sip_label_4.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
self.sip_label_4.SetPosition( self.sip_label_4.SetPosition(
wx.Point(self.sip_label_3.GetPosition().x, self.sip_label_3.GetPosition().y + self.sip_label_3.GetSize().height + 5) wx.Point(self.sip_label_3.GetPosition().x, self.sip_label_3.GetPosition().y + self.sip_label_3.GetSize().height + 5)
) )
self.sip_label_4.Center(wx.HORIZONTAL) self.sip_label_4.Center(wx.HORIZONTAL)
self.sip_label_5 = wx.StaticText(self.frame, label=" 0x1 - CSR_ALLOW_UNTRUSTED_KEXTS\n 0x2 - CSR_ALLOW_UNRESTRICTED_FS\n 0x200 - CSR_ALLOW_UNAPPROVED_KEXTS\n 0x800 - CSR_ALLOW_UNAUTHENTICATED_ROOT") self.sip_label_5 = wx.StaticText(self.frame, label=" 0x2 - CSR_ALLOW_UNRESTRICTED_FS\n 0x800 - CSR_ALLOW_UNAUTHENTICATED_ROOT")
self.sip_label_5.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL)) self.sip_label_5.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
self.sip_label_5.SetPosition( self.sip_label_5.SetPosition(
wx.Point(self.sip_label_4.GetPosition().x, self.sip_label_4.GetPosition().y + self.sip_label_4.GetSize().height + 7) wx.Point(self.sip_label_4.GetPosition().x, self.sip_label_4.GetPosition().y + self.sip_label_4.GetSize().height + 7)
@@ -2329,7 +2329,7 @@ OpenCore Legacy Patcher by default knows the most ideal
if hex(self.sip_value) == "0x0": if hex(self.sip_value) == "0x0":
self.constants.custom_sip_value = None self.constants.custom_sip_value = None
self.constants.sip_status = True self.constants.sip_status = True
elif hex(self.sip_value) == "0xa03": elif hex(self.sip_value) == "0x802":
self.constants.custom_sip_value = None self.constants.custom_sip_value = None
self.constants.sip_status = False self.constants.sip_status = False
else: else:
resources/build.py
+1 -1
View File
@@ -863,7 +863,7 @@ class BuildOpenCore:
self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["csr-active-config"] = utilities.string_to_hex(self.constants.custom_sip_value.lstrip("0x")) self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["csr-active-config"] = utilities.string_to_hex(self.constants.custom_sip_value.lstrip("0x"))
elif self.constants.sip_status is False: elif self.constants.sip_status is False:
print("- Set SIP to allow Root Volume patching") print("- Set SIP to allow Root Volume patching")
self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["csr-active-config"] = binascii.unhexlify("030A0000") self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["csr-active-config"] = binascii.unhexlify("02080000")
# if self.constants.amfi_status is False: # if self.constants.amfi_status is False:
# print("- Disabling AMFI") # print("- Disabling AMFI")
# self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["boot-args"] += " amfi_get_out_of_my_way=1" # self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["boot-args"] += " amfi_get_out_of_my_way=1"
resources/cli_menu.py
+1 -1
View File
@@ -174,7 +174,7 @@ Note: For security reasons, OpenShell will be disabled when Vault is set.
print( print(
f"""SIP is used to ensure proper secuirty measures are set, f"""SIP is used to ensure proper secuirty measures are set,
however to patch the root volume this must be lowered partially. however to patch the root volume this must be lowered partially.
Only disable is absolutely necessary. SIP value = 0xA03 Only disable is absolutely necessary. SIP value = 0x802
Valid options: Valid options: