From b76bb7fe205c6993174d0391112c94e4615c8c60 Mon Sep 17 00:00:00 2001
From: Mykola Grymalyuk <khronokernel@icloud.com>
Date: Sun, 8 May 2022 10:07:12 -0600
Subject: [PATCH] utilities.py: Fix SB Policy detection

---
 resources/device_probe.py |  4 ++--
 resources/utilities.py    | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/resources/device_probe.py b/resources/device_probe.py
index b54eb02bc..2e2502fd8 100644
--- a/resources/device_probe.py
+++ b/resources/device_probe.py
@@ -486,7 +486,7 @@ class Computer:
     ambient_light_sensor: Optional[bool] = False
     third_party_sata_ssd: Optional[bool] = False
     secure_boot_model: Optional[str] = None
-    secure_boot_status: Optiona[int] = None
+    secure_boot_policy: Optiona[int] = None
 
     @staticmethod
     def probe():
@@ -709,7 +709,7 @@ class Computer:
 
         # SecureBoot Variables
         self.secure_boot_model = utilities.check_secure_boot_model()
-        self.secure_boot_status = utilities.check_ap_security_mode()
+        self.secure_boot_policy = utilities.check_ap_security_policy()
     def cpu_probe(self):
         self.cpu = CPU(
             subprocess.run("sysctl machdep.cpu.brand_string".split(), stdout=subprocess.PIPE).stdout.decode().partition(": ")[2].strip(),
diff --git a/resources/utilities.py b/resources/utilities.py
index 44568f85e..1beb193f4 100644
--- a/resources/utilities.py
+++ b/resources/utilities.py
@@ -214,20 +214,20 @@ def check_secure_boot_model():
         return sbm_string
     return None
 
-def check_ap_security_mode():
-    ap_security_mode_byte = get_nvram("ApSecurityMode", "94B73556-2197-4702-82A8-3E1337DAFBFB", decode=False)
-    if ap_security_mode_byte:
+def check_ap_security_policy():
+    ap_security_policy_byte = get_nvram("AppleSecureBootPolicy", "94B73556-2197-4702-82A8-3E1337DAFBFB", decode=False)
+    if ap_security_policy_byte:
         # Ref:
         # https://github.com/acidanthera/OpenCorePkg/blob/f7c1a3d483fa2535b6a62c25a4f04017bfeee09a/Include/Apple/Protocol/AppleImg4Verification.h#L27-L31
         #     AppleImg4SbModeDisabled = 0,
         #     AppleImg4SbModeMedium   = 1,
         #     AppleImg4SbModeFull     = 2
-        return int.from_bytes(ap_security_mode_byte, byteorder="little")
+        return int.from_bytes(ap_security_policy_byte, byteorder="little")
     return 0
 
 def check_secure_boot_level():
     if check_secure_boot_model() in constants.Constants().sbm_values:
-        if check_ap_security_mode() == 2:
+        if check_ap_security_policy() == 2:
             return True
         else:
             return False