Chameleon Commit Details - 2893 - Chameleon open source boot loader project.

Date:

2017-08-13 13:16:33 (6 years 8 months ago)

Author:

ErmaC

Commit:

2893

Parents:

2892

Message:

update mask for csrInfo

Changes:

M	/branches/ErmaC/Enoch/i386/boot2/boot.c

File differences

-231
232 232
233 233
234 
235 234
236 235
237 236
... ...
1321 1320
1322 1321
1323 1322
1324 
1323
1325 1324
1326 1325
1327 
1328 
1326
1327
1329 1328
1330 1329
1331 1330
... ...
1350 1349
1351 1350
1352 1351
1353 
1352
1353
1354
1354 1355
1355 
1356
1356 1357
1357 1358
1358 
1359
1359 1360
1360 1361
1361 1362
1362 
1363
1363 1364
1364 1365
1365 1366
1366 1367
1367 1368
1368 
1369 
1370 
1371 
1372 
1373 
1374 
1375 
1376 
1369
1370
1371
1372
1373
1374
1375
1376
1377
1377 1378
1378 1379
1379 1380
+// ===============================================================================␊
␊
␉gMacOSVersion[0] = 0;␊
␉// TODO identify sierra as macOS␊
␉verbose("Booting on %s %s (%s)\n", (MacOSVerCurrent < MacOSVer2Int("10.8")) ? "Mac OS X" : (MacOSVerCurrent < MacOSVer2Int("10.12")) ? "OS X" : "macOS", gBootVolume->OSFullVer, gBootVolume->OSBuildVer );␊
␊
␉setupBooterArgs();␊

␉␉}␊
␉␉else␊
␉␉{␊
␉␉␉bootArgs->flags␉␉|= kBootArgsFlagCSRActiveConfig;␊
␉␉␉bootArgs->flags␉|= kBootArgsFlagCSRActiveConfig;␊
␉␉}␊
␊
␉␉// Set limit to 7bit␊
␉␉if ( getIntForKey(kCsrActiveConfig, &csrValue, &bootInfo->chameleonConfig) && (csrValue >= 0 && csrValue <= 127) )␊
␉␉// Set limit to 8bit␊
␉␉if ( getIntForKey(kCsrActiveConfig, &csrValue, &bootInfo->chameleonConfig) && (csrValue >= 0 && csrValue <= 255) )␊
␉␉{␊
␉␉␉bootArgs->csrActiveConfig␉= csrValue;␊
␉␉␉csrInfo(csrValue, 1);␊

// ErmaC␊
void csrInfo(int csrValue, bool custom)␊
{␊
␉int mask = 0x20;␊
#define CSR_BITS 0x080␊
␊
␉int mask = CSR_BITS;␊
␉verbose("System Integrity Protection status: %s ", (csrValue == 0) ? "enabled":"disabled");␊
␉verbose("(%s Configuration).\nCsrActiveConfig = 0x%02x (", custom ? "Custom":"Default", csrValue);␊
␉verbose("(%s Configuration).\nCsrActiveConfig = 0x%02X (", custom ? "Custom":"Default", csrValue);␊
␊
␉// Display integer number into binary using bitwise operator␊
␉((csrValue & 0x20) == 0) ? verbose("0"): verbose("1");␊
␉((csrValue & 0x020) == 0) ? verbose("0"): verbose("1");␊
␉while (mask != 0)␊
␉{␊
␉␉( ((csrValue & mask) == 0) ? verbose("0"): verbose("1") );␊
␉␉mask = mask >> 1;␊
␉␉mask = mask >> 1; // Right Shift␊
␉}␊
␉verbose(")\n");␊
␉if (csrValue != 0)␊
␉{␊
␉␉verbose("\nConfiguration:\n");␊
␉␉verbose("Kext Signing: %s\n", ((csrValue & 0x01) == 0) ? "enabled":"disabled");           /* (1 << 0) Allow untrusted kexts */␊
␉␉verbose("Filesystem Protections: %s\n", ((csrValue & 0x02) == 0) ? "enabled":"disabled"); /* (1 << 1) Allow unrestricted file system. */␊
␉␉verbose("Task for PID: %s\n", ((csrValue & 0x04) == 0) ? "enabled":"disabled");           /* (1 << 2) */␊
␉␉verbose("Debugging Restrictions: %s\n", ((csrValue & 0x08) == 0) ? "enabled":"disabled"); /* (1 << 3) */␊
␉␉verbose("Apple Internal: %s\n", ((csrValue & 0x10) == 0) ? "enabled":"disabled");         /* (1 << 4) */␊
␉␉verbose("DTrace Restrictions: %s\n", ((csrValue & 0x20) == 0) ? "enabled":"disabled");    /* (1 << 5) Allow unrestricted dtrace */␊
␉␉verbose("NVRAM Protections: %s\n", ((csrValue & 0x40) == 0) ? "enabled":"disabled");      /* (1 << 6) Allow unrestricted NVRAM */␊
//␉␉verbose("DEVICE configuration: %s\n", ((csrValue & 0x80) == 0) ? "enabled":"disabled");   /* (1 << 7) Allow device configuration */␊
//␉␉verbose("Disable BaseSystem Verification: %s\n", ((csrValue & 0x100) == 0) ? "enabled":"disabled");   /* (1 << 8) Disable BaseSystem Verification */␊
␉␉verbose("Kext Signing: %s\n", ((csrValue & 0x001) == 0) ? "enabled":"disabled");           /* (1 << 0) Allow untrusted kexts */␊
␉␉verbose("Filesystem Protections: %s\n", ((csrValue & 0x002) == 0) ? "enabled":"disabled"); /* (1 << 1) Allow unrestricted file system. */␊
␉␉verbose("Task for PID: %s\n", ((csrValue & 0x004) == 0) ? "enabled":"disabled");           /* (1 << 2) */␊
␉␉verbose("Debugging Restrictions: %s\n", ((csrValue & 0x008) == 0) ? "enabled":"disabled"); /* (1 << 3) */␊
␉␉verbose("Apple Internal: %s\n", ((csrValue & 0x010) == 0) ? "enabled":"disabled");         /* (1 << 4) */␊
␉␉verbose("DTrace Restrictions: %s\n", ((csrValue & 0x020) == 0) ? "enabled":"disabled");    /* (1 << 5) Allow unrestricted dtrace */␊
␉␉verbose("NVRAM Protections: %s\n", ((csrValue & 0x040) == 0) ? "enabled":"disabled");      /* (1 << 6) Allow unrestricted NVRAM */␊
␉␉verbose("Device configuration: %s\n", ((csrValue & 0x080) == 0) ? "enabled":"disabled");   /* (1 << 7) Allow device configuration */␊
␉␉verbose("BaseSystem Verification: %s\n", ((csrValue & 0x100) == 0) ? "enabled":"disabled");   /* (1 << 8) Allow any Recovery OS */␊
␉}␊
␉verbose("\n");␊
}␊
 ...
 ...
 // ===============================================================================␊
 ␊
 ␉gMacOSVersion[0] = 0;␊
-␉// TODO identify sierra as macOS␊
 ␉verbose("Booting on %s %s (%s)\n", (MacOSVerCurrent < MacOSVer2Int("10.8")) ? "Mac OS X" : (MacOSVerCurrent < MacOSVer2Int("10.12")) ? "OS X" : "macOS", gBootVolume->OSFullVer, gBootVolume->OSBuildVer );␊
 ␊
 ␉setupBooterArgs();␊
 ␉␉}␊
 ␉␉else␊
 ␉␉{␊
-␉␉␉bootArgs->flags␉␉|= kBootArgsFlagCSRActiveConfig;␊
+␉␉␉bootArgs->flags␉|= kBootArgsFlagCSRActiveConfig;␊
 ␉␉}␊
 ␊
-␉␉// Set limit to 7bit␊
-␉␉if ( getIntForKey(kCsrActiveConfig, &csrValue, &bootInfo->chameleonConfig) && (csrValue >= 0 && csrValue <= 127) )␊
+␉␉// Set limit to 8bit␊
+␉␉if ( getIntForKey(kCsrActiveConfig, &csrValue, &bootInfo->chameleonConfig) && (csrValue >= 0 && csrValue <= 255) )␊
 ␉␉{␊
 ␉␉␉bootArgs->csrActiveConfig␉= csrValue;␊
 ␉␉␉csrInfo(csrValue, 1);␊
 // ErmaC␊
 void csrInfo(int csrValue, bool custom)␊
 {␊
-␉int mask = 0x20;␊
+#define CSR_BITS 0x080␊
+␊
+␉int mask = CSR_BITS;␊
 ␉verbose("System Integrity Protection status: %s ", (csrValue == 0) ? "enabled":"disabled");␊
-␉verbose("(%s Configuration).\nCsrActiveConfig = 0x%02x (", custom ? "Custom":"Default", csrValue);␊
+␉verbose("(%s Configuration).\nCsrActiveConfig = 0x%02X (", custom ? "Custom":"Default", csrValue);␊
 ␊
 ␉// Display integer number into binary using bitwise operator␊
-␉((csrValue & 0x20) == 0) ? verbose("0"): verbose("1");␊
+␉((csrValue & 0x020) == 0) ? verbose("0"): verbose("1");␊
 ␉while (mask != 0)␊
 ␉{␊
 ␉␉( ((csrValue & mask) == 0) ? verbose("0"): verbose("1") );␊
-␉␉mask = mask >> 1;␊
+␉␉mask = mask >> 1; // Right Shift␊
 ␉}␊
 ␉verbose(")\n");␊
 ␉if (csrValue != 0)␊
 ␉{␊
 ␉␉verbose("\nConfiguration:\n");␊
-␉␉verbose("Kext Signing: %s\n", ((csrValue & 0x01) == 0) ? "enabled":"disabled");           /* (1 << 0) Allow untrusted kexts */␊
-␉␉verbose("Filesystem Protections: %s\n", ((csrValue & 0x02) == 0) ? "enabled":"disabled"); /* (1 << 1) Allow unrestricted file system. */␊
-␉␉verbose("Task for PID: %s\n", ((csrValue & 0x04) == 0) ? "enabled":"disabled");           /* (1 << 2) */␊
-␉␉verbose("Debugging Restrictions: %s\n", ((csrValue & 0x08) == 0) ? "enabled":"disabled"); /* (1 << 3) */␊
-␉␉verbose("Apple Internal: %s\n", ((csrValue & 0x10) == 0) ? "enabled":"disabled");         /* (1 << 4) */␊
-␉␉verbose("DTrace Restrictions: %s\n", ((csrValue & 0x20) == 0) ? "enabled":"disabled");    /* (1 << 5) Allow unrestricted dtrace */␊
-␉␉verbose("NVRAM Protections: %s\n", ((csrValue & 0x40) == 0) ? "enabled":"disabled");      /* (1 << 6) Allow unrestricted NVRAM */␊
-//␉␉verbose("DEVICE configuration: %s\n", ((csrValue & 0x80) == 0) ? "enabled":"disabled");   /* (1 << 7) Allow device configuration */␊
-//␉␉verbose("Disable BaseSystem Verification: %s\n", ((csrValue & 0x100) == 0) ? "enabled":"disabled");   /* (1 << 8) Disable BaseSystem Verification */␊
+␉␉verbose("Kext Signing: %s\n", ((csrValue & 0x001) == 0) ? "enabled":"disabled");           /* (1 << 0) Allow untrusted kexts */␊
+␉␉verbose("Filesystem Protections: %s\n", ((csrValue & 0x002) == 0) ? "enabled":"disabled"); /* (1 << 1) Allow unrestricted file system. */␊
+␉␉verbose("Task for PID: %s\n", ((csrValue & 0x004) == 0) ? "enabled":"disabled");           /* (1 << 2) */␊
+␉␉verbose("Debugging Restrictions: %s\n", ((csrValue & 0x008) == 0) ? "enabled":"disabled"); /* (1 << 3) */␊
+␉␉verbose("Apple Internal: %s\n", ((csrValue & 0x010) == 0) ? "enabled":"disabled");         /* (1 << 4) */␊
+␉␉verbose("DTrace Restrictions: %s\n", ((csrValue & 0x020) == 0) ? "enabled":"disabled");    /* (1 << 5) Allow unrestricted dtrace */␊
+␉␉verbose("NVRAM Protections: %s\n", ((csrValue & 0x040) == 0) ? "enabled":"disabled");      /* (1 << 6) Allow unrestricted NVRAM */␊
+␉␉verbose("Device configuration: %s\n", ((csrValue & 0x080) == 0) ? "enabled":"disabled");   /* (1 << 7) Allow device configuration */␊
+␉␉verbose("BaseSystem Verification: %s\n", ((csrValue & 0x100) == 0) ? "enabled":"disabled");   /* (1 << 8) Allow any Recovery OS */␊
 ␉}␊
 ␉verbose("\n");␊
 }␊

Download the corresponding diff file