amfi_detect.py: Use enum

Mykola Grymalyuk
2023-02-09 18:09:02 -07:00
parent e83e260db7
commit c5eb52ac5e
2 changed files with 33 additions and 32 deletions


@@ -6,19 +6,20 @@
# - 0x3 used in 11.0.1 dyld source:
# - https://github.com/apple-oss-distributions/dyld/blob/5c9192436bb195e7a8fe61f22a229ee3d30d8222/testing/test-cases/kernel-hello-world.dtest/main.c#L2
class apple_mobile_file_integrity:
import enum
class AppleMobileFileIntegrity(enum.IntEnum):
# Names set are solely for readability
# Internal names are unknown
amfi_values = {
"AMFI_ALLOW_TASK_FOR_PID": False, # 0x1 - Allow Task for PID (alt. amfi_unrestrict_task_for_pid=0x1)
"AMFI_ALLOW_INVALID_SIGNATURE": False, # 0x2 - Reduce sig enforcement (alt. amfi_allow_any_signature=0x1)
"AMFI_LV_ENFORCE_THIRD_PARTY": False, # 0x4 - Don't mark external binaries as platform binaries
"AMFI_UNKNOWN_1": False, # 0x8
"AMFI_UNKNOWN_2": False, # 0x10
"AMFI_UNKNOWN_3": False, # 0x20
"AMFI_UNKNOWN_4": False, # 0x40
"AMFI_ALLOW_EVERYTHING": False, # 0x80 - Disable sig enforcement and Library Validation (alt. amfi_get_out_of_my_way=0x1)
},
AMFI_ALLOW_TASK_FOR_PID: int = 0x1 # Allow Task for PID (alt. amfi_unrestrict_task_for_pid=0x1)
AMFI_ALLOW_INVALID_SIGNATURE: int = 0x2 # Reduce sig enforcement (alt. amfi_allow_any_signature=0x1)
AMFI_LV_ENFORCE_THIRD_PARTY: int = 0x4 # Don't mark external binaries as platform binaries
AMFI_UNKNOWN_1: int = 0x8
AMFI_UNKNOWN_2: int = 0x10
AMFI_UNKNOWN_3: int = 0x20
AMFI_UNKNOWN_4: int = 0x40
AMFI_ALLOW_EVERYTHING: int = 0x80 # Disable sig enforcement and Library Validation (alt. amfi_get_out_of_my_way=0x1)
# Internally within AMFI.kext, Apple references 0x2 and 0x80 as both 'Disable signature enforcement'
# However 0x80 is a higher privilege than 0x2, and breaks TCC support in OS (ex. Camera, Microphone, etc prompts)
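Review bot: The members are single-bit masks that the detection code tests with `&`, which is the use case for `enum.IntFlag` rather than `enum.IntEnum`; `class AppleMobileFileIntegrity(enum.IntFlag):` would keep the integer behaviour while giving combined values a readable repr. The `: int` annotations on the members are not needed inside an enum body, and some type checkers object to annotated enum members, so plain `AMFI_ALLOW_TASK_FOR_PID = 0x1` is enough. A short class docstring saying that these bits are read from the `amfi=` boot-arg and that the names are unofficial would be easier to find than the two loose comments. The class body may continue past the end of the hunk.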


@@ -3,6 +3,7 @@
import enum
from resources import utilities
from data import amfi_data
class AmfiConfigDetectLevel(enum.IntEnum):
@@ -67,32 +68,31 @@ class AmfiConfigurationDetection:
amfi_value = 0
for arg in self.boot_args:
if arg.startswith("amfi="):
try:
amfi_value = arg.split("=")
if len(amfi_value) != 2:
return
amfi_value = amfi_value[1]
if amfi_value.startswith("0x"):
amfi_value = int(amfi_value, 16)
else:
amfi_value = int(amfi_value)
except:
if not arg.startswith("amfi"):
continue
try:
amfi_value = arg.split("=")
if len(amfi_value) != 2:
return
break
amfi_value = amfi_value[1]
if amfi_value.startswith("0x"):
amfi_value = int(amfi_value, 16)
else:
amfi_value = int(amfi_value)
except:
return
break
if amfi_value == 0:
return
if amfi_value & 0x1:
self.AMFI_ALLOW_TASK_FOR_PID = True
if amfi_value & 0x2:
self.AMFI_ALLOW_INVALID_SIGNATURE = True
if amfi_value & 0x4:
self.AMFI_LV_ENFORCE_THIRD_PARTY = True
if amfi_value & 0x80:
self.AMFI_ALLOW_EVERYTHING = True
self.SKIP_LIBRARY_VALIDATION = True
self.AMFI_ALLOW_TASK_FOR_PID: bool = amfi_value & amfi_data.AppleMobileFileIntegrity.AMFI_ALLOW_TASK_FOR_PID
self.AMFI_ALLOW_INVALID_SIGNATURE: bool = amfi_value & amfi_data.AppleMobileFileIntegrity.AMFI_ALLOW_INVALID_SIGNATURE
self.AMFI_LV_ENFORCE_THIRD_PARTY: bool = amfi_value & amfi_data.AppleMobileFileIntegrity.AMFI_LV_ENFORCE_THIRD_PARTY
if amfi_value & amfi_data.AppleMobileFileIntegrity.AMFI_ALLOW_EVERYTHING:
self.AMFI_ALLOW_EVERYTHING = True
self.SKIP_LIBRARY_VALIDATION = True
self.AMFI_ALLOW_INVALID_SIGNATURE = True
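Review bot: The new guard `if not arg.startswith("amfi"):` drops the trailing `=` that the old `startswith("amfi=")` check had, so any boot-arg that merely begins with `amfi` is now parsed as the bitmask. The data file's own comments name such arguments (`amfi_get_out_of_my_way=0x1`, `amfi_allow_any_signature=0x1`); one of those would be read as 0x1 and reported as AMFI_ALLOW_TASK_FOR_PID, and the `break` appears to end the loop before a real `amfi=` argument is seen, so `if not arg.startswith("amfi="):` should be kept. Separately, the three `: bool` assignments store the masked integer (2 or 4, for example) rather than a boolean, so `bool(amfi_value & ...)` would match the annotation, and the bare `except:` could be narrowed to `except ValueError:`. The enclosing method starts above the hunk and the page has lost its indentation, so the nesting described here is inferred.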