1*4d495c6eSApple OSS Distributions#!/bin/bash 2*4d495c6eSApple OSS Distributions 3*4d495c6eSApple OSS Distributions# 4*4d495c6eSApple OSS Distributions# kasan_install: set up a system to run the KASan kernel. Run with "--uninstall" 5*4d495c6eSApple OSS Distributions# to reverse the setup. 6*4d495c6eSApple OSS Distributions# 7*4d495c6eSApple OSS Distributions# Adds kcsuffix=kasan to boot-args. 8*4d495c6eSApple OSS Distributions# 9*4d495c6eSApple OSS Distributions 10*4d495c6eSApple OSS Distributions 11*4d495c6eSApple OSS Distributionsif [[ `whoami` != root ]] ; then 12*4d495c6eSApple OSS Distributions echo "Re-running with sudo" 13*4d495c6eSApple OSS Distributions sudo "$0" "$@" 14*4d495c6eSApple OSS Distributions exit $? 15*4d495c6eSApple OSS Distributionsfi 16*4d495c6eSApple OSS Distributions 17*4d495c6eSApple OSS Distributionssip_enabled() { 18*4d495c6eSApple OSS Distributions csrutil status |grep -q enabled 19*4d495c6eSApple OSS Distributions} 20*4d495c6eSApple OSS Distributions 21*4d495c6eSApple OSS Distributionsprompt() { 22*4d495c6eSApple OSS Distributions echo -n "$@ [y/N] " 23*4d495c6eSApple OSS Distributions read ans 24*4d495c6eSApple OSS Distributions case "$ans" in 25*4d495c6eSApple OSS Distributions [yY]*) return 0 ;; 26*4d495c6eSApple OSS Distributions *) return 1 ;; 27*4d495c6eSApple OSS Distributions esac 28*4d495c6eSApple OSS Distributions} 29*4d495c6eSApple OSS Distributions 30*4d495c6eSApple OSS Distributionskasan_install() { 31*4d495c6eSApple OSS Distributions 32*4d495c6eSApple OSS Distributions dobootargs=0 33*4d495c6eSApple OSS Distributions 34*4d495c6eSApple OSS Distributions echo -n "Checking KASan boot args... " 35*4d495c6eSApple OSS Distributions 36*4d495c6eSApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 37*4d495c6eSApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 38*4d495c6eSApple OSS Distributions 39*4d495c6eSApple OSS Distributions if [[ "$cursuffix" == kasan ]] ; then 40*4d495c6eSApple OSS Distributions echo "already set." 41*4d495c6eSApple OSS Distributions elif [[ -n "$cursuffix" ]] ; then 42*4d495c6eSApple OSS Distributions prompt "custom kcsuffix ($cursuffix) is set. Overwrite?" && { 43*4d495c6eSApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 44*4d495c6eSApple OSS Distributions dobootargs=1 45*4d495c6eSApple OSS Distributions } 46*4d495c6eSApple OSS Distributions else 47*4d495c6eSApple OSS Distributions prompt "not set. Modify?" && { 48*4d495c6eSApple OSS Distributions dobootargs=1 49*4d495c6eSApple OSS Distributions } 50*4d495c6eSApple OSS Distributions fi 51*4d495c6eSApple OSS Distributions 52*4d495c6eSApple OSS Distributions [[ $dobootargs -eq 1 ]] && { 53*4d495c6eSApple OSS Distributions echo -n "Adding boot arg kcsuffix=kasan... " 54*4d495c6eSApple OSS Distributions newlen=$(echo -n "$bootargs kcsuffix=kasan" |wc -c) 55*4d495c6eSApple OSS Distributions if [[ $newlen -ge 512 ]] ; then 56*4d495c6eSApple OSS Distributions echo "boot-args too long. Bailing." 57*4d495c6eSApple OSS Distributions exit 3 58*4d495c6eSApple OSS Distributions fi 59*4d495c6eSApple OSS Distributions 60*4d495c6eSApple OSS Distributions nvram boot-args="$bootargs kcsuffix=kasan" || exit $? 61*4d495c6eSApple OSS Distributions echo "done." 62*4d495c6eSApple OSS Distributions } 63*4d495c6eSApple OSS Distributions 64*4d495c6eSApple OSS Distributions} 65*4d495c6eSApple OSS Distributions 66*4d495c6eSApple OSS Distributions 67*4d495c6eSApple OSS Distributionskasan_uninstall() { 68*4d495c6eSApple OSS Distributions 69*4d495c6eSApple OSS Distributions echo -n "Removing boot args... " 70*4d495c6eSApple OSS Distributions 71*4d495c6eSApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 72*4d495c6eSApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 73*4d495c6eSApple OSS Distributions 74*4d495c6eSApple OSS Distributions if [[ $cursuffix == "kasan" ]] ; then 75*4d495c6eSApple OSS Distributions prompt "remove kcsuffix=kasan?" && { 76*4d495c6eSApple OSS Distributions echo -n "Removing kcsuffix... " 77*4d495c6eSApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 78*4d495c6eSApple OSS Distributions nvram boot-args="$bootargs" 79*4d495c6eSApple OSS Distributions echo "done." 80*4d495c6eSApple OSS Distributions } 81*4d495c6eSApple OSS Distributions else 82*4d495c6eSApple OSS Distributions echo "not set." 83*4d495c6eSApple OSS Distributions fi 84*4d495c6eSApple OSS Distributions 85*4d495c6eSApple OSS Distributions} 86*4d495c6eSApple OSS Distributions 87*4d495c6eSApple OSS Distributionscase "$1" in 88*4d495c6eSApple OSS Distributions *uninstall|*del*|*remove|*rm) 89*4d495c6eSApple OSS Distributions kasan_uninstall ;; 90*4d495c6eSApple OSS Distributions *) 91*4d495c6eSApple OSS Distributions kasan_install ;; 92*4d495c6eSApple OSS Distributionsesac 93