[go: up one dir, main page]
Menu

[9e1265]: / refind / apple.h  Maximize  Restore  History

Download this file

78 lines (72 with data), 3.5 kB 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
/*

 * refind/apple.h

 *

 * Copyright (c) 2015 Roderick W. Smith

 *

 * This program is free software: you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation, either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program.  If not, see <http://www.gnu.org/licenses/>.

 *

 */



#ifndef __APPLE_H_

#define __APPLE_H_



// The constants related to Apple's System Integrity Protection (SIP)....

#define CSR_GUID { 0x7c436110, 0xab2a, 0x4bbb, { 0xa8, 0x80, 0xfe, 0x41, 0x99, 0x5c, 0x9f, 0x82 } };

// These codes are returned in the first two bytes of the csr-active-config variable

#define CSR_ALLOW_UNTRUSTED_KEXTS            0x01

#define CSR_ALLOW_UNRESTRICTED_FS            0x02

#define CSR_ALLOW_TASK_FOR_PID               0x04

#define CSR_ALLOW_KERNEL_DEBUGGER            0x08

#define CSR_ALLOW_APPLE_INTERNAL             0x10

#define CSR_ALLOW_UNRESTRICTED_DTRACE        0x20

#define CSR_ALLOW_UNRESTRICTED_NVRAM         0x40

#define CSR_ALLOW_DEVICE_CONFIGURATION       0x80

#define CSR_ALLOW_ANY_RECOVERY_OS            0x100

#define CSR_ALLOW_UNAPPROVED_KEXTS           0x200

#define CSR_ALLOW_EXECUTABLE_POLICY_OVERRIDE 0x400

#define CSR_ALLOW_UNAUTHENTICATED_ROOT       0x800

#define CSR_END_OF_LIST                      0xFFFFFFFF

// Some summaries....

#define SIP_ENABLED  CSR_ALLOW_APPLE_INTERNAL

// SIP was disabled with a value of 0x77 in macOS 10.x....

#define SIP_DISABLED_10 (CSR_ALLOW_UNRESTRICTED_NVRAM | \

                         CSR_ALLOW_UNRESTRICTED_DTRACE | \

                         CSR_ALLOW_APPLE_INTERNAL | \

                         CSR_ALLOW_TASK_FOR_PID | \

                         CSR_ALLOW_UNRESTRICTED_FS | \

                         CSR_ALLOW_UNTRUSTED_KEXTS)

// Starting with macOS 11.0, SIP requires 0x877 to be fully disabled....

#define SIP_DISABLED_11 (CSR_ALLOW_UNRESTRICTED_NVRAM | \

                         CSR_ALLOW_UNRESTRICTED_DTRACE | \

                         CSR_ALLOW_APPLE_INTERNAL | \

                         CSR_ALLOW_TASK_FOR_PID | \

                         CSR_ALLOW_UNRESTRICTED_FS | \

                         CSR_ALLOW_UNTRUSTED_KEXTS | \

                         CSR_ALLOW_UNAUTHENTICATED_ROOT)

#define CSR_MAX_LEGAL_VALUE (CSR_ALLOW_UNTRUSTED_KEXTS | \

                             CSR_ALLOW_UNRESTRICTED_FS | \

                             CSR_ALLOW_TASK_FOR_PID | \

                             CSR_ALLOW_KERNEL_DEBUGGER | \

                             CSR_ALLOW_APPLE_INTERNAL | \

                             CSR_ALLOW_UNRESTRICTED_DTRACE | \

                             CSR_ALLOW_UNRESTRICTED_NVRAM | \

                             CSR_ALLOW_DEVICE_CONFIGURATION | \

                             CSR_ALLOW_ANY_RECOVERY_OS | \

                             CSR_ALLOW_UNAPPROVED_KEXTS | \

                             CSR_ALLOW_EXECUTABLE_POLICY_OVERRIDE | \

                             CSR_ALLOW_UNAUTHENTICATED_ROOT)



extern CHAR16 gCsrStatus[512];



EFI_STATUS GetCsrStatus(UINT32 *CsrValue);

VOID RecordgCsrStatus(UINT32 CsrStatus, BOOLEAN DisplayMessage);

VOID RotateCsrValue(VOID);

EFI_STATUS SetAppleOSInfo();



#endif