1*94d3b452SApple OSS Distributions#!/bin/bash 2*94d3b452SApple OSS Distributions 3*94d3b452SApple OSS Distributions# 4*94d3b452SApple OSS Distributions# kasan_install: set up a system to run the KASan kernel. Run with "--uninstall" 5*94d3b452SApple OSS Distributions# to reverse the setup. 6*94d3b452SApple OSS Distributions# 7*94d3b452SApple OSS Distributions# Adds kcsuffix=kasan to boot-args. 8*94d3b452SApple OSS Distributions# 9*94d3b452SApple OSS Distributions 10*94d3b452SApple OSS Distributions 11*94d3b452SApple OSS Distributionsif [[ `whoami` != root ]] ; then 12*94d3b452SApple OSS Distributions echo "Re-running with sudo" 13*94d3b452SApple OSS Distributions sudo "$0" "$@" 14*94d3b452SApple OSS Distributions exit $? 15*94d3b452SApple OSS Distributionsfi 16*94d3b452SApple OSS Distributions 17*94d3b452SApple OSS Distributionssip_enabled() { 18*94d3b452SApple OSS Distributions csrutil status |grep -q enabled 19*94d3b452SApple OSS Distributions} 20*94d3b452SApple OSS Distributions 21*94d3b452SApple OSS Distributionsprompt() { 22*94d3b452SApple OSS Distributions echo -n "$@ [y/N] " 23*94d3b452SApple OSS Distributions read ans 24*94d3b452SApple OSS Distributions case "$ans" in 25*94d3b452SApple OSS Distributions [yY]*) return 0 ;; 26*94d3b452SApple OSS Distributions *) return 1 ;; 27*94d3b452SApple OSS Distributions esac 28*94d3b452SApple OSS Distributions} 29*94d3b452SApple OSS Distributions 30*94d3b452SApple OSS Distributionskasan_install() { 31*94d3b452SApple OSS Distributions 32*94d3b452SApple OSS Distributions dobootargs=0 33*94d3b452SApple OSS Distributions 34*94d3b452SApple OSS Distributions echo -n "Checking KASan boot args... " 35*94d3b452SApple OSS Distributions 36*94d3b452SApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 37*94d3b452SApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 38*94d3b452SApple OSS Distributions 39*94d3b452SApple OSS Distributions if [[ "$cursuffix" == kasan ]] ; then 40*94d3b452SApple OSS Distributions echo "already set." 41*94d3b452SApple OSS Distributions elif [[ -n "$cursuffix" ]] ; then 42*94d3b452SApple OSS Distributions prompt "custom kcsuffix ($cursuffix) is set. Overwrite?" && { 43*94d3b452SApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 44*94d3b452SApple OSS Distributions dobootargs=1 45*94d3b452SApple OSS Distributions } 46*94d3b452SApple OSS Distributions else 47*94d3b452SApple OSS Distributions prompt "not set. Modify?" && { 48*94d3b452SApple OSS Distributions dobootargs=1 49*94d3b452SApple OSS Distributions } 50*94d3b452SApple OSS Distributions fi 51*94d3b452SApple OSS Distributions 52*94d3b452SApple OSS Distributions [[ $dobootargs -eq 1 ]] && { 53*94d3b452SApple OSS Distributions echo -n "Adding boot arg kcsuffix=kasan... " 54*94d3b452SApple OSS Distributions newlen=$(echo -n "$bootargs kcsuffix=kasan" |wc -c) 55*94d3b452SApple OSS Distributions if [[ $newlen -ge 512 ]] ; then 56*94d3b452SApple OSS Distributions echo "boot-args too long. Bailing." 57*94d3b452SApple OSS Distributions exit 3 58*94d3b452SApple OSS Distributions fi 59*94d3b452SApple OSS Distributions 60*94d3b452SApple OSS Distributions nvram boot-args="$bootargs kcsuffix=kasan" || exit $? 61*94d3b452SApple OSS Distributions echo "done." 62*94d3b452SApple OSS Distributions } 63*94d3b452SApple OSS Distributions 64*94d3b452SApple OSS Distributions} 65*94d3b452SApple OSS Distributions 66*94d3b452SApple OSS Distributions 67*94d3b452SApple OSS Distributionskasan_uninstall() { 68*94d3b452SApple OSS Distributions 69*94d3b452SApple OSS Distributions echo -n "Removing boot args... " 70*94d3b452SApple OSS Distributions 71*94d3b452SApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 72*94d3b452SApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 73*94d3b452SApple OSS Distributions 74*94d3b452SApple OSS Distributions if [[ $cursuffix == "kasan" ]] ; then 75*94d3b452SApple OSS Distributions prompt "remove kcsuffix=kasan?" && { 76*94d3b452SApple OSS Distributions echo -n "Removing kcsuffix... " 77*94d3b452SApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 78*94d3b452SApple OSS Distributions nvram boot-args="$bootargs" 79*94d3b452SApple OSS Distributions echo "done." 80*94d3b452SApple OSS Distributions } 81*94d3b452SApple OSS Distributions else 82*94d3b452SApple OSS Distributions echo "not set." 83*94d3b452SApple OSS Distributions fi 84*94d3b452SApple OSS Distributions 85*94d3b452SApple OSS Distributions} 86*94d3b452SApple OSS Distributions 87*94d3b452SApple OSS Distributionscase "$1" in 88*94d3b452SApple OSS Distributions *uninstall|*del*|*remove|*rm) 89*94d3b452SApple OSS Distributions kasan_uninstall ;; 90*94d3b452SApple OSS Distributions *) 91*94d3b452SApple OSS Distributions kasan_install ;; 92*94d3b452SApple OSS Distributionsesac 93