Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
OpenCorePKG_MOD
提交
319b8061
O
OpenCorePKG_MOD
项目概览
btwise
/
OpenCorePKG_MOD
通知
26
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
OpenCorePKG_MOD
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
319b8061
编写于
5月 08, 2019
作者:
V
vit9696
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
OpenCoreMisc: Replace ExposeBootPath with ExposeSensitiveData
上级
cc22373d
变更
9
隐藏空白更改
内联
并排
Showing
9 changed file
with
142 addition
and
56 deletion
+142
-56
Changelog.md
Changelog.md
+2
-0
Docs/Configuration.pdf
Docs/Configuration.pdf
+0
-0
Docs/Configuration.tex
Docs/Configuration.tex
+31
-23
Docs/Differences/Differences.pdf
Docs/Differences/Differences.pdf
+0
-0
Docs/Differences/Differences.tex
Docs/Differences/Differences.tex
+93
-19
Docs/Sample.plist
Docs/Sample.plist
+2
-2
Docs/SampleFull.plist
Docs/SampleFull.plist
+2
-2
Platform/OpenCore/OpenCoreMisc.c
Platform/OpenCore/OpenCoreMisc.c
+1
-1
Platform/OpenCore/OpenCoreNvram.c
Platform/OpenCore/OpenCoreNvram.c
+11
-9
未找到文件。
Changelog.md
浏览文件 @
319b8061
...
...
@@ -6,6 +6,8 @@ OpenCore Changelog
-
Platform information database updates
-
Fixed misbehaving Debug -> Target enable bit
-
Added
`ResetLogoStatus`
ACPI quirk
-
Added
`SpoofVendor`
PlatformInfo feature
-
Replaced
`ExposeBootPath`
with
`ExposeSensitiveData`
#### v0.0.1
-
Initial developer preview release
Docs/Configuration.pdf
浏览文件 @
319b8061
无法预览此类型文件
Docs/Configuration.tex
浏览文件 @
319b8061
...
...
@@ -1395,25 +1395,6 @@ behaviour that does not go to any other sections
\texttt
{
NOOPT
}
,
\texttt
{
RELEASE
}
.
\end{itemize}
\item
\texttt
{
ExposeBootPath
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
boolean
}
\\
\textbf
{
Default value
}
:
\texttt
{
false
}
\\
\textbf
{
Description
}
: Expose printable booter path to OpenCore.efi or its booter
(depending on the load order) as an UEFI variable.
To obtain booter path use the following command in macOS:
\begin{lstlisting}
[label=nvrampath, style=ocbash]
nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-path
\end{lstlisting}
To use booter path for mounting booter volume use the following command in macOS:
\begin{lstlisting}
[label=nvrampathmount, style=ocbash]
u=
$
(
nvram
4
D
1
FDA
02
-
38
C
7
-
4
A
6
A
-
9
CC
6
-
4
BCCA
8
B
30102
:boot
-
path | sed 's
/
.
*
GPT,
\(
[
^
,
]*
\)
,.*/
\1
/');
\
if [ "
$
u"
!=
""
]
; then sudo diskutil mount
$
u ; fi
\end{lstlisting}
\item
\texttt
{
Target
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
integer
}
\\
...
...
@@ -1461,10 +1442,7 @@ nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-log |
While OpenCore boot log already contains basic version information with build type and
date, this data may also be found in NVRAM in
\texttt
{
opencore-version
}
variable
even with boot log disabled:
\begin{lstlisting}
[label=nvramver, style=ocbash]
nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:opencore-version
\end{lstlisting}
even with boot log disabled.
File logging will create a file named
\texttt
{
opencore.log
}
at EFI volume root with
log contents. Please be warned that some file system drivers present in firmwares are
...
...
@@ -1477,6 +1455,36 @@ nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:opencore-version
\subsection
{
Security Properties
}
\label
{
miscsecurityprops
}
\begin{enumerate}
\item
\texttt
{
ExposeSensitiveData
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
integer
}
\\
\textbf
{
Default value
}
:
\texttt
{
2
}
\\
\textbf
{
Description
}
: Sensitive data exposure bitmask (sum) to operating system.
\begin{itemize}
\tightlist
\item
\texttt
{
0x01
}
--- Expose printable booter path as an UEFI variable.
\item
\texttt
{
0x02
}
--- Expose OpenCore version as an UEFI variable.
\end{itemize}
Exposed booter path points to OpenCore.efi or its booter depending on the load order.
To obtain booter path use the following command in macOS:
\begin{lstlisting}
[label=nvrampath, style=ocbash]
nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-path
\end{lstlisting}
To use booter path for mounting booter volume use the following command in macOS:
\begin{lstlisting}
[label=nvrampathmount, style=ocbash]
u=
$
(
nvram
4
D
1
FDA
02
-
38
C
7
-
4
A
6
A
-
9
CC
6
-
4
BCCA
8
B
30102
:boot
-
path | sed 's
/
.
*
GPT,
\(
[
^
,
]*
\)
,.*/
\1
/');
\
if [ "
$
u"
!=
""
]
; then sudo diskutil mount
$
u ; fi
\end{lstlisting}
To obtain OpenCore version use the following command in macOS:
\begin{lstlisting}
[label=nvramver, style=ocbash]
nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:opencore-version
\end{lstlisting}
\item
\texttt
{
HaltLevel
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
integer
}
, 64 bit
\\
...
...
Docs/Differences/Differences.pdf
浏览文件 @
319b8061
无法预览此类型文件
Docs/Differences/Differences.tex
浏览文件 @
319b8061
\documentclass
[]
{
article
}
%DIF LATEXDIFF DIFFERENCE FILE
%DIF DEL PreviousConfiguration.tex Fri May 3 12:13:06 2019
%DIF ADD ../Configuration.tex Wed May 8 22:
34:08
2019
%DIF ADD ../Configuration.tex Wed May 8 22:
55:04
2019
\usepackage
{
lmodern
}
\usepackage
{
amssymb,amsmath
}
...
...
@@ -1478,26 +1478,53 @@ behaviour that does not go to any other sections
\end{itemize}
\item
\texttt
{
ExposeBootPath
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
boolean
}
\\
\textbf
{
Default value
}
:
\texttt
{
false
}
\\
\textbf
{
Description
}
: Expose printable booter path to OpenCore.efi or its booter
\DIFdelbegin
\texttt
{
\DIFdel
{
ExposeBootPath
}}
%DIFAUXCMD
%DIFDELCMD < \\
%DIFDELCMD < %%%
\textbf
{
\DIFdel
{
Type
}}
%DIFAUXCMD
\DIFdel
{
:
}
\texttt
{
\DIFdel
{
plist
\
boolean
}}
%DIFAUXCMD
%DIFDELCMD < \\
%DIFDELCMD < %%%
\textbf
{
\DIFdel
{
Default value
}}
%DIFAUXCMD
\DIFdel
{
:
}
\texttt
{
\DIFdel
{
false
}}
%DIFAUXCMD
%DIFDELCMD < \\
%DIFDELCMD < %%%
\textbf
{
\DIFdel
{
Description
}}
%DIFAUXCMD
\DIFdel
{
: Expose printable booter path to OpenCore.efi or its booter
(depending on the load order) as an UEFI variable.
}
%DIFDELCMD <
To obtain booter path use the following command in macOS:
\begin{lstlisting}
[label=nvrampath, style=ocbash]
nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-path
%DIFDELCMD < %%%
\DIFdel
{
To obtain booter path use the following command in macOS:
}
%DIFDELCMD < \begin{lstlisting}[label=nvrampath, style=ocbash]
%DIFDELCMD < %%%
%DIFAUXCMD NEXT
\DIFmodbegin
\begin{lstlisting}
[label=nvrampath, style=ocbash,alsolanguage=DIFcode]
%DIF < nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-path
\end{lstlisting}
\DIFmodend
%DIFAUXCMD
%DIFDELCMD < \end{lstlisting}
%DIFDELCMD <
To use booter path for mounting booter volume use the following command in macOS:
\begin{lstlisting}
[label=nvrampathmount, style=ocbash]
u=
$
(
nvram
4
D
1
FDA
02
-
38
C
7
-
4
A
6
A
-
9
CC
6
-
4
BCCA
8
B
30102
:boot
-
path | sed 's
/
.
*
GPT,
\(
[
^
,
]*
\)
,.*/
\1
/');
\
if [ "
$
u"
!=
""
]
; then sudo diskutil mount
$
u ; fi
%DIFDELCMD < %%%
\DIFdel
{
To use booter path for mounting booter volume use the following command in macOS:
}
%DIFDELCMD < \begin{lstlisting}[label=nvrampathmount, style=ocbash]
%DIFDELCMD < %%%
%DIFAUXCMD NEXT
\DIFmodbegin
\begin{lstlisting}
[label=nvrampathmount, style=ocbash,alsolanguage=DIFcode]
%DIF < u=$(nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-path | sed 's/.*GPT,\([^,]*\),.*/\1/'); \
%DIF < if [ "$u" != "" ]; then sudo diskutil mount $u ; fi
\end{lstlisting}
\DIFmodend
%DIFAUXCMD
%DIFDELCMD < \end{lstlisting}
%DIFDELCMD <
\item
\texttt
{
Target
}
\\
%DIFDELCMD < \item
\item
%DIFAUXCMD
%DIFDELCMD < %%%
\DIFdelend
\texttt
{
Target
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
integer
}
\\
\textbf
{
Default value
}
:
\texttt
{
0
}
\\
\textbf
{
Description
}
: A bitmask (sum) of enabled logging targets.
...
...
@@ -1544,10 +1571,19 @@ nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-log |
\DIFaddend
While OpenCore boot log already contains basic version information with build type and
date, this data may also be found in NVRAM in
\texttt
{
opencore-version
}
variable
even with boot log disabled:
\begin{lstlisting}
[label=nvramver, style=ocbash]
nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:opencore-version
even with boot log disabled
\DIFdelbegin
\DIFdel
{
:
}
%DIFDELCMD < \begin{lstlisting}[label=nvramver, style=ocbash]
%DIFDELCMD < %%%
%DIFAUXCMD NEXT
\DIFmodbegin
\begin{lstlisting}
[label=nvramver, style=ocbash,alsolanguage=DIFcode]
%DIF < nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:opencore-version
\end{lstlisting}
\DIFmodend
%DIFAUXCMD
%DIFDELCMD < \end{lstlisting}
%DIFDELCMD < %%%
\DIFdelend
\DIFaddbegin
\DIFadd
{
.
}
\DIFaddend
File logging will create a file named
\texttt
{
opencore.log
}
at EFI volume root with
log contents. Please be warned that some file system drivers present in firmwares are
...
...
@@ -1560,8 +1596,46 @@ nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:opencore-version
\subsection
{
Security Properties
}
\label
{
miscsecurityprops
}
\begin{enumerate}
\DIFaddbegin
\DIFaddend
\item
\DIFaddbegin
\texttt
{
\DIFadd
{
ExposeSensitiveData
}}
\\
\textbf
{
\DIFadd
{
Type
}}
\DIFadd
{
:
}
\texttt
{
\DIFadd
{
plist
\
integer
}}
\\
\textbf
{
\DIFadd
{
Default value
}}
\DIFadd
{
:
}
\texttt
{
\DIFadd
{
2
}}
\\
\textbf
{
\DIFadd
{
Description
}}
\DIFadd
{
: Sensitive data exposure bitmask (sum) to operating system.
}
\begin{itemize}
\tightlist
\item
\texttt
{
\DIFadd
{
0x01
}}
\DIFadd
{
--- Expose printable booter path as an UEFI variable.
}
\item
\texttt
{
\DIFadd
{
0x02
}}
\DIFadd
{
--- Expose OpenCore version as an UEFI variable.
}
\end{itemize}
\DIFadd
{
Exposed booter path points to OpenCore.efi or its booter depending on the load order.
To obtain booter path use the following command in macOS:
}
\DIFmodbegin
\begin{lstlisting}
[label=nvrampath, style=ocbash,alsolanguage=DIFcode]
%DIF > nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-path
\end{lstlisting}
\DIFmodend
\DIFadd
{
To use booter path for mounting booter volume use the following command in macOS:
}
\DIFmodbegin
\begin{lstlisting}
[label=nvrampathmount, style=ocbash,alsolanguage=DIFcode]
%DIF > u=$(nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-path | sed 's/.*GPT,\([^,]*\),.*/\1/'); \
%DIF > if [ "$u" != "" ]; then sudo diskutil mount $u ; fi
\end{lstlisting}
\DIFmodend
\DIFadd
{
To obtain OpenCore version use the following command in macOS:
}
\DIFmodbegin
\begin{lstlisting}
[label=nvramver, style=ocbash,alsolanguage=DIFcode]
%DIF > nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:opencore-version
\end{lstlisting}
\DIFmodend
\item
\texttt
{
HaltLevel
}
\\
\
DIFaddend
\
texttt
{
HaltLevel
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
integer
}
, 64 bit
\\
\textbf
{
Default value
}
:
\texttt
{
0x80000000
}
(
\texttt
{
DEBUG
\_
ERROR
}
)
\\
\textbf
{
Description
}
: EDK II debug level bitmask (sum) causing CPU to
...
...
Docs/Sample.plist
浏览文件 @
319b8061
...
...
@@ -404,13 +404,13 @@
<integer>
0
</integer>
<key>
DisplayLevel
</key>
<integer>
2147483650
</integer>
<key>
ExposeBootPath
</key>
<false/>
<key>
Target
</key>
<integer>
19
</integer>
</dict>
<key>
Security
</key>
<dict>
<key>
ExposeSensitiveData
</key>
<integer>
2
</integer>
<key>
HaltLevel
</key>
<integer>
2147483648
</integer>
<key>
RequireSignature
</key>
...
...
Docs/SampleFull.plist
浏览文件 @
319b8061
...
...
@@ -404,13 +404,13 @@
<integer>
0
</integer>
<key>
DisplayLevel
</key>
<integer>
2147483650
</integer>
<key>
ExposeBootPath
</key>
<false/>
<key>
Target
</key>
<integer>
19
</integer>
</dict>
<key>
Security
</key>
<dict>
<key>
ExposeSensitiveData
</key>
<integer>
2
</integer>
<key>
HaltLevel
</key>
<integer>
2147483648
</integer>
<key>
RequireSignature
</key>
...
...
Platform/OpenCore/OpenCoreMisc.c
浏览文件 @
319b8061
...
...
@@ -180,7 +180,7 @@ OcMiscLateInit (
UINT32
Bpp
;
BOOLEAN
SetMax
;
if
(
Config
->
Misc
.
Debug
.
ExposeBootPath
)
{
if
(
(
Config
->
Misc
.
Security
.
ExposeSensitiveData
&
OCS_EXPOSE_BOOT_PATH
)
!=
0
)
{
OcStoreLoadPath
(
LoadPath
);
}
...
...
Platform/OpenCore/OpenCoreNvram.c
浏览文件 @
319b8061
...
...
@@ -51,7 +51,7 @@ STATIC CHAR8 mOpenCoreVersion[] = {
STATIC
VOID
OcReportVersion
(
VOID
IN
OC_GLOBAL_CONFIG
*
Config
)
{
UINT32
Month
;
...
...
@@ -86,13 +86,15 @@ OcReportVersion (
DEBUG
((
DEBUG_INFO
,
"OC: Current version is %a
\n
"
,
mOpenCoreVersion
));
gRT
->
SetVariable
(
OC_VERSION_VARIABLE_NAME
,
&
gOcVendorVariableGuid
,
OPEN_CORE_NVRAM_ATTR
,
L_STR_SIZE_NT
(
mOpenCoreVersion
),
&
mOpenCoreVersion
[
0
]
);
if
((
Config
->
Misc
.
Security
.
ExposeSensitiveData
&
OCS_EXPOSE_VERSION
)
!=
0
)
{
gRT
->
SetVariable
(
OC_VERSION_VARIABLE_NAME
,
&
gOcVendorVariableGuid
,
OPEN_CORE_NVRAM_ATTR
,
L_STR_SIZE_NT
(
mOpenCoreVersion
),
&
mOpenCoreVersion
[
0
]
);
}
}
VOID
...
...
@@ -216,5 +218,5 @@ OcLoadNvramSupport (
}
}
OcReportVersion
();
OcReportVersion
(
Config
);
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录