1*a1e26a70SApple OSS Distributions#!/bin/bash 2*a1e26a70SApple OSS Distributions 3*a1e26a70SApple OSS Distributions# 4*a1e26a70SApple OSS Distributions# kasan_install: set up a system to run the KASan kernel. Run with "--uninstall" 5*a1e26a70SApple OSS Distributions# to reverse the setup. 6*a1e26a70SApple OSS Distributions# 7*a1e26a70SApple OSS Distributions# Adds kcsuffix=kasan to boot-args. 8*a1e26a70SApple OSS Distributions# 9*a1e26a70SApple OSS Distributions 10*a1e26a70SApple OSS Distributions 11*a1e26a70SApple OSS Distributionsif [[ `whoami` != root ]] ; then 12*a1e26a70SApple OSS Distributions echo "Re-running with sudo" 13*a1e26a70SApple OSS Distributions sudo "$0" "$@" 14*a1e26a70SApple OSS Distributions exit $? 15*a1e26a70SApple OSS Distributionsfi 16*a1e26a70SApple OSS Distributions 17*a1e26a70SApple OSS Distributionssip_enabled() { 18*a1e26a70SApple OSS Distributions csrutil status |grep -q enabled 19*a1e26a70SApple OSS Distributions} 20*a1e26a70SApple OSS Distributions 21*a1e26a70SApple OSS Distributionsprompt() { 22*a1e26a70SApple OSS Distributions echo -n "$@ [y/N] " 23*a1e26a70SApple OSS Distributions read ans 24*a1e26a70SApple OSS Distributions case "$ans" in 25*a1e26a70SApple OSS Distributions [yY]*) return 0 ;; 26*a1e26a70SApple OSS Distributions *) return 1 ;; 27*a1e26a70SApple OSS Distributions esac 28*a1e26a70SApple OSS Distributions} 29*a1e26a70SApple OSS Distributions 30*a1e26a70SApple OSS Distributionskasan_install() { 31*a1e26a70SApple OSS Distributions 32*a1e26a70SApple OSS Distributions dobootargs=0 33*a1e26a70SApple OSS Distributions 34*a1e26a70SApple OSS Distributions echo -n "Checking KASan boot args... " 35*a1e26a70SApple OSS Distributions 36*a1e26a70SApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 37*a1e26a70SApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 38*a1e26a70SApple OSS Distributions 39*a1e26a70SApple OSS Distributions if [[ "$cursuffix" == kasan ]] ; then 40*a1e26a70SApple OSS Distributions echo "already set." 41*a1e26a70SApple OSS Distributions elif [[ -n "$cursuffix" ]] ; then 42*a1e26a70SApple OSS Distributions prompt "custom kcsuffix ($cursuffix) is set. Overwrite?" && { 43*a1e26a70SApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 44*a1e26a70SApple OSS Distributions dobootargs=1 45*a1e26a70SApple OSS Distributions } 46*a1e26a70SApple OSS Distributions else 47*a1e26a70SApple OSS Distributions prompt "not set. Modify?" && { 48*a1e26a70SApple OSS Distributions dobootargs=1 49*a1e26a70SApple OSS Distributions } 50*a1e26a70SApple OSS Distributions fi 51*a1e26a70SApple OSS Distributions 52*a1e26a70SApple OSS Distributions [[ $dobootargs -eq 1 ]] && { 53*a1e26a70SApple OSS Distributions echo -n "Adding boot arg kcsuffix=kasan... " 54*a1e26a70SApple OSS Distributions newlen=$(echo -n "$bootargs kcsuffix=kasan" |wc -c) 55*a1e26a70SApple OSS Distributions if [[ $newlen -ge 512 ]] ; then 56*a1e26a70SApple OSS Distributions echo "boot-args too long. Bailing." 57*a1e26a70SApple OSS Distributions exit 3 58*a1e26a70SApple OSS Distributions fi 59*a1e26a70SApple OSS Distributions 60*a1e26a70SApple OSS Distributions nvram boot-args="$bootargs kcsuffix=kasan" || exit $? 61*a1e26a70SApple OSS Distributions echo "done." 62*a1e26a70SApple OSS Distributions } 63*a1e26a70SApple OSS Distributions 64*a1e26a70SApple OSS Distributions} 65*a1e26a70SApple OSS Distributions 66*a1e26a70SApple OSS Distributions 67*a1e26a70SApple OSS Distributionskasan_uninstall() { 68*a1e26a70SApple OSS Distributions 69*a1e26a70SApple OSS Distributions echo -n "Removing boot args... " 70*a1e26a70SApple OSS Distributions 71*a1e26a70SApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 72*a1e26a70SApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 73*a1e26a70SApple OSS Distributions 74*a1e26a70SApple OSS Distributions if [[ $cursuffix == "kasan" ]] ; then 75*a1e26a70SApple OSS Distributions prompt "remove kcsuffix=kasan?" && { 76*a1e26a70SApple OSS Distributions echo -n "Removing kcsuffix... " 77*a1e26a70SApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 78*a1e26a70SApple OSS Distributions nvram boot-args="$bootargs" 79*a1e26a70SApple OSS Distributions echo "done." 80*a1e26a70SApple OSS Distributions } 81*a1e26a70SApple OSS Distributions else 82*a1e26a70SApple OSS Distributions echo "not set." 83*a1e26a70SApple OSS Distributions fi 84*a1e26a70SApple OSS Distributions 85*a1e26a70SApple OSS Distributions} 86*a1e26a70SApple OSS Distributions 87*a1e26a70SApple OSS Distributionscase "$1" in 88*a1e26a70SApple OSS Distributions *uninstall|*del*|*remove|*rm) 89*a1e26a70SApple OSS Distributions kasan_uninstall ;; 90*a1e26a70SApple OSS Distributions *) 91*a1e26a70SApple OSS Distributions kasan_install ;; 92*a1e26a70SApple OSS Distributionsesac 93