sys_patch_detect.py: Implement proper SIP checks for Web Drivers

2026-04-18 05:34:42 +10:00 · 2022-05-27 10:25:38 -06:00
parent ba7df10148
commit 4a1199cb59
2 changed files with 35 additions and 9 deletions
--- a/data/sip_data.py
+++ b/data/sip_data.py
@@ -126,6 +126,14 @@ class system_integrity_protection:
        "CSR_ALLOW_UNAUTHENTICATED_ROOT",  #       0x800 - Required to avoid KC mismatch kernel panic
    ]

+    root_patch_sip_big_sur_3rd_part_kexts = [
+        # Variables required to root patch in Big Sur and Monterey with 3rd party kexts
+        "CSR_ALLOW_UNTRUSTED_KEXTS",  #            0x1   - Required for Aux Cache in Big Sur+
+        "CSR_ALLOW_UNRESTRICTED_FS",  #            0x2   - Required to mount and edit root volume, as well as load modded platform binaries
+        "CSR_ALLOW_UNAUTHENTICATED_ROOT",  #       0x800 - Required to avoid KC mismatch kernel panic
+        "CSR_ALLOW_UNAPPROVED_KEXTS",  #           0x200 - Required for Aux Cache in Big Sur+
+    ]
+
    # CSR_ALLOW_EXECUTABLE_POLICY_OVERRIDE (introduced with Mojave):
    # This bit is quite strange and was originally assumed to be required for modded platform binaries
    # However after extensive testing, this doesn't seem true. In addition, this bit is never flipped via