Add RestrictEvents kext

Ensures firmware updates cannot be performed even within the installer

CHANGELOG.md

@@ -4,6 +4,7 @@
 - Add MacPro3,1 to HID patch
 - Fix missing SSDT-CPBG patch
 - Fix BlacklistAppleUpdate
+- Add RestrictEvents kext
 
 ## 0.0.6
 - Fix macserial crashing

README.md

@@ -128,3 +128,6 @@ At this time, the OpenCore Patcher won't install macOS onto the internal drive i
 
 Reminder that once this is done, you'll need to select OpenCore in the boot picker again for your hardware to remenber this entry and auto boot from then on.
 
+### Cannot run OpenCore Legacy Patcher
+
+If the release tab has permissions/Gatekeeper issues, please [download the main repo](https://github.com/dortania/Opencore-Legacy-Patcher/archive/main.zip) and run that instead.

Resources/BuildOpenCore.py

@@ -61,12 +61,15 @@ def BuildEFI():
     copy(Versions.plist_path, Versions.plist_path_build)
     with open(Versions.plist_path_build_full, 'r') as file :
         Versions.plist_data = file.read()
-
-    print("- Adding Lilu %s" % Versions.lilu_version)
+    # Adding must have kexts
+    print("- Adding Lilu v%s" % Versions.lilu_version)
     copy(Versions.lilu_path, Versions.kext_path_build)
     
-    print("- Adding WhateverGreen %s" % Versions.whatevergreen_version)
+    print("- Adding WhateverGreen v%s" % Versions.whatevergreen_version)
     copy(Versions.whatevergreen_path, Versions.kext_path_build)
+
+    print("- Adding RestrictEvents v%s" % Versions.restrictevents_version)
+    copy(Versions.restrictevents_path, Versions.kext_path_build)
     
     # Checks for kexts
     # CPU Kext Patches
@@ -86,7 +89,7 @@ def BuildEFI():
             "<true/><!--AAAMouSSE-->"
         )
     if current_model in ModelArray.MissingSSE42:
-        print("- Adding telemetrap %s" % Versions.telemetrap_version)
+        print("- Adding telemetrap v%s" % Versions.telemetrap_version)
         copy(Versions.telemetrap_path, Versions.kext_path_build)
         Versions.plist_data = Versions.plist_data.replace(
             "<false/><!--telemetrap-->",
@@ -110,7 +113,7 @@ def BuildEFI():
             "<true/><!--MarvelYukonEthernet-->"
         )
     if current_model in ModelArray.EthernetBroadcom:
-        print("- Adding CatalinaBCM5701Ethernet %s" % Versions.bcm570_version)
+        print("- Adding CatalinaBCM5701Ethernet v%s" % Versions.bcm570_version)
         copy(Versions.bcm570_path, Versions.kext_path_build)
         Versions.plist_data = Versions.plist_data.replace(
             "<false/><!--CatalinaBCM5701Ethernet-->",

Resources/Versions.py

@@ -24,6 +24,7 @@ telemetrap_version = "1.0.0"
 io80211high_sierra_version = "1.0.0"
 io80211mojave_version = "1.0.0"
 voodoohda_version = "296"
+restrictevents_version = "1.0.0"
 
 # List current location
 os.chdir(os.path.dirname(os.path.realpath(__file__)))
@@ -45,6 +46,7 @@ nvme_driver_path = os.path.join(current_path, "payloads/Drivers/" "NvmExpressDxe
 lilu_path = os.path.join(current_path, "payloads/Kexts/Acidanthera/" "Lilu-v%s.zip" % lilu_version)
 whatevergreen_path = os.path.join(current_path, "payloads/Kexts/Acidanthera/" "WhateverGreen-v%s.zip" % whatevergreen_version)
 airportbcrmfixup_path = os.path.join(current_path, "payloads/Kexts/Acidanthera/" "AirportBrcmFixup-v%s.zip" % airportbcrmfixup_version)
+restrictevents_path = os.path.join(current_path, "payloads/Kexts/Acidanthera/" "RestrictEvents-v%s.zip" % restrictevents_version)
 bcm570_path = os.path.join(current_path, "payloads/Kexts/Ethernet/" "CatalinaBCM5701Ethernet-v%s.zip" % bcm570_version)
 marvel_path = os.path.join(current_path, "payloads/Kexts/Ethernet/" "MarvelYukonEthernet-v%s.zip" % marvel_version)
 nforce_path = os.path.join(current_path, "payloads/Kexts/Ethernet/" "nForceEthernet-v%s.zip" % nforce_version)

payloads/Config/v0.6.3/config.plist

@@ -210,6 +210,24 @@
 				<key>PlistPath</key>
 				<string>Contents/Info.plist</string>
 			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>Comment</key>
+				<string>Process Blocker</string>
+				<key>Enabled</key>
+				<true/><!--RestrictEvents-->
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>BundlePath</key>
+				<string>RestrictEvents.kext</string>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/RestrictEvents</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
 			<dict>
 				<key>Arch</key>
 				<string>x86_64</string>

payloads/Config/v0.6.4/config.plist

@@ -212,6 +212,24 @@
 				<key>PlistPath</key>
 				<string>Contents/Info.plist</string>
 			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>Comment</key>
+				<string>Process Blocker</string>
+				<key>Enabled</key>
+				<true/><!--RestrictEvents-->
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>BundlePath</key>
+				<string>RestrictEvents.kext</string>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/RestrictEvents</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
 			<dict>
 				<key>Arch</key>
 				<string>x86_64</string>