1*42e22086SApple OSS Distributions#!/bin/bash 2*42e22086SApple OSS Distributions 3*42e22086SApple OSS Distributions# 4*42e22086SApple OSS Distributions# kasan_install: set up a system to run the KASan kernel. Run with "--uninstall" 5*42e22086SApple OSS Distributions# to reverse the setup. 6*42e22086SApple OSS Distributions# 7*42e22086SApple OSS Distributions# Adds kcsuffix=kasan to boot-args. 8*42e22086SApple OSS Distributions# 9*42e22086SApple OSS Distributions 10*42e22086SApple OSS Distributions 11*42e22086SApple OSS Distributionsif [[ `whoami` != root ]] ; then 12*42e22086SApple OSS Distributions echo "Re-running with sudo" 13*42e22086SApple OSS Distributions sudo "$0" "$@" 14*42e22086SApple OSS Distributions exit $? 15*42e22086SApple OSS Distributionsfi 16*42e22086SApple OSS Distributions 17*42e22086SApple OSS Distributionssip_enabled() { 18*42e22086SApple OSS Distributions csrutil status |grep -q enabled 19*42e22086SApple OSS Distributions} 20*42e22086SApple OSS Distributions 21*42e22086SApple OSS Distributionsprompt() { 22*42e22086SApple OSS Distributions echo -n "$@ [y/N] " 23*42e22086SApple OSS Distributions read ans 24*42e22086SApple OSS Distributions case "$ans" in 25*42e22086SApple OSS Distributions [yY]*) return 0 ;; 26*42e22086SApple OSS Distributions *) return 1 ;; 27*42e22086SApple OSS Distributions esac 28*42e22086SApple OSS Distributions} 29*42e22086SApple OSS Distributions 30*42e22086SApple OSS Distributionskasan_install() { 31*42e22086SApple OSS Distributions 32*42e22086SApple OSS Distributions dobootargs=0 33*42e22086SApple OSS Distributions 34*42e22086SApple OSS Distributions echo -n "Checking KASan boot args... " 35*42e22086SApple OSS Distributions 36*42e22086SApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 37*42e22086SApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 38*42e22086SApple OSS Distributions 39*42e22086SApple OSS Distributions if [[ "$cursuffix" == kasan ]] ; then 40*42e22086SApple OSS Distributions echo "already set." 41*42e22086SApple OSS Distributions elif [[ -n "$cursuffix" ]] ; then 42*42e22086SApple OSS Distributions prompt "custom kcsuffix ($cursuffix) is set. Overwrite?" && { 43*42e22086SApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 44*42e22086SApple OSS Distributions dobootargs=1 45*42e22086SApple OSS Distributions } 46*42e22086SApple OSS Distributions else 47*42e22086SApple OSS Distributions prompt "not set. Modify?" && { 48*42e22086SApple OSS Distributions dobootargs=1 49*42e22086SApple OSS Distributions } 50*42e22086SApple OSS Distributions fi 51*42e22086SApple OSS Distributions 52*42e22086SApple OSS Distributions [[ $dobootargs -eq 1 ]] && { 53*42e22086SApple OSS Distributions echo -n "Adding boot arg kcsuffix=kasan... " 54*42e22086SApple OSS Distributions newlen=$(echo -n "$bootargs kcsuffix=kasan" |wc -c) 55*42e22086SApple OSS Distributions if [[ $newlen -ge 512 ]] ; then 56*42e22086SApple OSS Distributions echo "boot-args too long. Bailing." 57*42e22086SApple OSS Distributions exit 3 58*42e22086SApple OSS Distributions fi 59*42e22086SApple OSS Distributions 60*42e22086SApple OSS Distributions nvram boot-args="$bootargs kcsuffix=kasan" || exit $? 61*42e22086SApple OSS Distributions echo "done." 62*42e22086SApple OSS Distributions } 63*42e22086SApple OSS Distributions 64*42e22086SApple OSS Distributions} 65*42e22086SApple OSS Distributions 66*42e22086SApple OSS Distributions 67*42e22086SApple OSS Distributionskasan_uninstall() { 68*42e22086SApple OSS Distributions 69*42e22086SApple OSS Distributions echo -n "Removing boot args... " 70*42e22086SApple OSS Distributions 71*42e22086SApple OSS Distributions bootargs=$(nvram boot-args | cut -f2) 72*42e22086SApple OSS Distributions cursuffix=$(echo $bootargs | sed -n 's/.*kcsuffix=\([^ ]\)/\1/p') 73*42e22086SApple OSS Distributions 74*42e22086SApple OSS Distributions if [[ $cursuffix == "kasan" ]] ; then 75*42e22086SApple OSS Distributions prompt "remove kcsuffix=kasan?" && { 76*42e22086SApple OSS Distributions echo -n "Removing kcsuffix... " 77*42e22086SApple OSS Distributions bootargs=$(echo "$bootargs" | sed 's/[ ]*kcsuffix=[^ ]*//') 78*42e22086SApple OSS Distributions nvram boot-args="$bootargs" 79*42e22086SApple OSS Distributions echo "done." 80*42e22086SApple OSS Distributions } 81*42e22086SApple OSS Distributions else 82*42e22086SApple OSS Distributions echo "not set." 83*42e22086SApple OSS Distributions fi 84*42e22086SApple OSS Distributions 85*42e22086SApple OSS Distributions} 86*42e22086SApple OSS Distributions 87*42e22086SApple OSS Distributionscase "$1" in 88*42e22086SApple OSS Distributions *uninstall|*del*|*remove|*rm) 89*42e22086SApple OSS Distributions kasan_uninstall ;; 90*42e22086SApple OSS Distributions *) 91*42e22086SApple OSS Distributions kasan_install ;; 92*42e22086SApple OSS Distributionsesac 93