Drop reliance on amfi_get_out_of_my_way=0x1

resources/utilities.py

@@ -15,7 +15,7 @@ import atexit
 import requests
 import shutil
 
-from resources import constants, ioreg
+from resources import constants, ioreg, amfi_detect
 from data import sip_data, os_data
 
 
@@ -150,26 +150,6 @@ def enable_sleep_after_running():
         sleep_process.kill()
         sleep_process = None
 
-def amfi_status(fully_disabled=False):
-    amfi_args = [
-        "amfi_get_out_of_my_way=0x1",
-        "amfi_get_out_of_my_way=1",
-        "amfi=128",
-    ]
-
-    if fully_disabled is False:
-        # Library Validation based patch
-        oclp_guid = get_nvram("OCLP-Settings", "4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102", decode=True)
-        if oclp_guid:
-            if "-allow_amfi" in oclp_guid:
-                return False
-    boot_args = get_nvram("boot-args", decode=True)
-    if boot_args:
-        for arg in amfi_args:
-            if arg in boot_args:
-                return False
-    return True
-
 
 def check_kext_loaded(kext_name, os_version):
     if os_version > os_data.os_data.catalina:
@@ -278,10 +258,10 @@ def patching_status(os_sip, os):
     gen7_kext = "/System/Library/Extension/AppleIntelHD3000Graphics.kext"
 
     if os > os_data.os_data.catalina:
-        requires_full_amfi = False
+        amfi_level = 1
         if os >= os_data.os_data.ventura:
-            requires_full_amfi = True
-        amfi_enabled = amfi_status(fully_disabled=requires_full_amfi)
+            amfi_level = 2
+        amfi_enabled = not amfi_detect.amfi_configuration_detection().check_config(amfi_level)
     else:
         # Catalina and older supports individually disabling Library Validation
         amfi_enabled = False