ToggleSipEntry: Add --show-csr option

77c6c9d4 · MikeBeaton · 99db622f · 77c6c9d4 · 77c6c9d4 · 77c6c9d4
10 changed file
--- a/Changelog.md
+++ b/Changelog.md
@@ -12,6 +12,7 @@ OpenCore Changelog
 - Added optional `--codec-setup-delay` argument to AudioDxe
 - Changed units of `Audio` -> `SetupDelay` from microseconds to milliseconds (divide previous value by 1000 if using this setting)
 - Fixed incorrect FAT binary slice being selected under macOS 10.4.11 when performing a cacheless boot
+- Added `--show-csr` option for `Toggle SIP` boot menu entry

 #### v0.8.2
 - Fixed `AppleCpuPmCfgLock` on macOS 13

--- a/Docs/Configuration.md5
+++ b/Docs/Configuration.md5
-6168af65a2d3ac59112368336a774bb1
+600765052cee1987c810b06636eb2bf6
--- a/Docs/Configuration.pdf
+++ b/Docs/Configuration.pdf
--- a/Docs/Configuration.tex
+++ b/Docs/Configuration.tex
@@ -6882,9 +6882,24 @@ SIP will be fully configured, so setting the variable using this boot option
 \texttt{csrutil} command in macOS Recovery.

 \texttt{csr-active-config}  will be toggled between \texttt{0} for enabled, and a user-specified or
-default value for disabled. The default value is \texttt{0x27F} (see below).
-Any other required value can be specified as a single number in the \texttt{Arguments} for this driver.
-This can be specified as hexadecimal, beginning with \texttt{0x}, or as decimal.
+default value for disabled.
+
+Options for the driver should be specified as plain text values separated by whitespace in the
+\texttt{Arguments} section of \texttt{Driver} entry. Available options are:
+
+\begin{itemize}
+\tightlist
+  \item \texttt{-{}-show-csr} - Boolean flag, enabled if present. \medskip
+
+  If enabled, show the current hexadecimal value of \texttt{csr-active-config} in the boot entry name.
+  This option will not work in OpenCanopy when used in combination with \texttt{OC\_ATTR\_USE\_GENERIC\_LABEL\_IMAGE}
+  in \texttt{PickerAttributes}. \medskip
+
+  \item Numerical value - Default value \texttt{0x27F}. \medskip
+
+  Specify the \texttt{csr-active-config} value to use to disabled SIP. This can be specified as
+  hexadecimal, beginning with \texttt{0x}, or as decimal. For more info see Note 2 below. \medskip
+\end{itemize}

 \emph{Note 1}: It is recommended not to run macOS with
 SIP disabled. Use of this boot option may make it easier to quickly disable SIP

--- a/Docs/Differences/Differences.pdf
+++ b/Docs/Differences/Differences.pdf
--- a/Docs/Differences/Differences.tex
+++ b/Docs/Differences/Differences.tex
 \documentclass[]{article}
 %DIF LATEXDIFF DIFFERENCE FILE
 %DIF DEL PreviousConfiguration.tex   Thu Jul  7 13:40:40 2022
-%DIF ADD ../Configuration.tex        Wed Jul 20 19:52:29 2022
+%DIF ADD ../Configuration.tex        Sun Jul 24 14:16:13 2022

 \usepackage{lmodern}
 \usepackage{amssymb,amsmath}
@@ -6957,9 +6957,29 @@ SIP will be fully configured, so setting the variable using this boot option
 \texttt{csrutil} command in macOS Recovery.

 \texttt{csr-active-config}  will be toggled between \texttt{0} for enabled, and a user-specified or
-default value for disabled. The default value is \texttt{0x27F} (see below).
-Any other required value can be specified as a single number in the \texttt{Arguments} for this driver.
-This can be specified as hexadecimal, beginning with \texttt{0x}, or as decimal.
+default value for disabled.
+\DIFdelbegin \DIFdel{The default value is }\texttt{\DIFdel{0x27F}} %DIFAUXCMD
+\DIFdel{(see below).
+Any other required value can }\DIFdelend \DIFaddbegin 
+
+\DIFadd{Options for the driver should }\DIFaddend be specified as \DIFdelbegin \DIFdel{a single number }\DIFdelend \DIFaddbegin \DIFadd{plain text values separated by whitespace }\DIFaddend in the
+\texttt{Arguments} \DIFdelbegin \DIFdel{for this driver. This }\DIFdelend \DIFaddbegin \DIFadd{section of }\texttt{\DIFadd{Driver}} \DIFadd{entry. Available options are:
+}
+
+\begin{itemize}
+\tightlist
+  \item \texttt{\DIFadd{-}{}\DIFadd{-show-csr}} \DIFadd{- Boolean flag, enabled if present. }\medskip
+
+  \DIFadd{If enabled, show the current hexadecimal value of }\texttt{\DIFadd{csr-active-config}} \DIFadd{in the boot entry name.
+  This option will not work in OpenCanopy when used in combination with }\texttt{\DIFadd{OC\_ATTR\_USE\_GENERIC\_LABEL\_IMAGE}}
+  \DIFadd{in }\texttt{\DIFadd{PickerAttributes}}\DIFadd{. }\medskip
+
+  \item \DIFadd{Numerical value - Default value }\texttt{\DIFadd{0x27F}}\DIFadd{. }\medskip
+
+  \DIFadd{Specify the }\texttt{\DIFadd{csr-active-config}} \DIFadd{value to use to disabled SIP. This }\DIFaddend can be specified as
+  hexadecimal, beginning with \texttt{0x}, or as decimal. \DIFaddbegin \DIFadd{For more info see Note 2 below. }\medskip
+\end{itemize}
+\DIFaddend 

 \emph{Note 1}: It is recommended not to run macOS with
 SIP disabled. Use of this boot option may make it easier to quickly disable SIP

--- a/Docs/Errata/Errata.pdf
+++ b/Docs/Errata/Errata.pdf
--- a/Include/Acidanthera/Library/OcBootManagementLib.h
+++ b/Include/Acidanthera/Library/OcBootManagementLib.h
@@ -1891,7 +1891,9 @@ OcImageLoaderLoad (
  );

 /**
-  Parse loaded image protocol load options.
+  Parse loaded image protocol load options, resultant options are in the
+  same format as is returned by OcParsedVars and may be examined using the
+  same utility methods.

  Assumes CHAR_NULL terminated Unicode string of space separated options,
  each of form {name} or {name}={value}. Double quotes can be used round {value} to
@@ -1949,6 +1951,20 @@ OcParseVars (
  IN     CONST OC_STRING_FORMAT  StringFormat
  );

+/**
+  Return parsed variable at given index.
+
+  @param[in]   ParsedVars         Parsed variables.
+  @param[in]   Index              Index of option to return.
+
+  @retval                         Parsed option.
+**/
+OC_PARSED_VAR *
+OcParsedVarsItemAt (
+  IN     CONST OC_FLEX_ARRAY  *ParsedVars,
+  IN     CONST UINTN          Index
+  );
+
 /**
  Get string value of parsed var or load option.
  Returned value is in same format as raw options.

--- a/Library/OcBootManagementLib/BootArguments.c
+++ b/Library/OcBootManagementLib/BootArguments.c
@@ -625,6 +625,18 @@ OcParseVars (
  return EFI_SUCCESS;
 }

+OC_PARSED_VAR *
+OcParsedVarsItemAt (
+  IN     CONST OC_FLEX_ARRAY  *ParsedVars,
+  IN     CONST UINTN          Index
+  )
+{
+  OC_PARSED_VAR  *Option;
+
+  Option = OcFlexArrayItemAt (ParsedVars, Index);
+  return Option;
+}
+
 BOOLEAN
 OcParsedVarsGetStr (
  IN     CONST OC_FLEX_ARRAY     *ParsedVars,

--- a/Platform/ToggleSipEntry/ToggleSipEntry.c
+++ b/Platform/ToggleSipEntry/ToggleSipEntry.c
@@ -10,17 +10,23 @@

 #include <Uefi.h>
 #include <Library/BaseLib.h>
+#include <Library/MemoryAllocationLib.h>
 #include <Library/UefiBootServicesTableLib.h>
 #include <Library/UefiRuntimeServicesTableLib.h>

 #include <Protocol/OcBootEntry.h>

-#define OC_MENU_SIP_IS_DISABLED  "Toggle SIP (Disabled)"
-#define OC_MENU_SIP_IS_ENABLED   "Toggle SIP (Enabled)"
+#define OC_MENU_TOGGLE_SIP           "Toggle SIP (%a)"
+#define OC_MENU_TOGGLE_SIP_SHOW_CSR  "Toggle SIP (0x%X:%a)"
+#define OC_MENU_TOGGLE_SIP_MAX_SIZE  (\
+    sizeof(OC_MENU_TOGGLE_SIP_SHOW_CSR) \
+  + sizeof(UINT32) * 2 * sizeof (CHAR8) - L_STR_LEN("%X") \
+  + L_STR_LEN("Disabled") - L_STR_LEN("%a"))

 STATIC UINT32   mCsrUserConfig;
 STATIC UINT32   mCsrNextConfig;
 STATIC UINT32   mAttributes;
+STATIC BOOLEAN  mShowCsr;

 STATIC
 EFI_STATUS
@@ -87,6 +93,7 @@ ToggleSipGetBootEntries (
  EFI_STATUS  Status;
  UINT32      CsrActiveConfig;
  BOOLEAN     IsEnabled;
+  CHAR8       *Name;

  //
  // Custom entries only.
@@ -125,13 +132,40 @@ ToggleSipGetBootEntries (
    return Status;
  }

+  Name = AllocatePool (OC_MENU_TOGGLE_SIP_MAX_SIZE);
+  if (Name == NULL) {
+    return EFI_OUT_OF_RESOURCES;
+  }
+
+  if (mShowCsr) {
+    Status = OcAsciiSafeSPrint (
+               Name,
+               OC_MENU_TOGGLE_SIP_MAX_SIZE,
+               OC_MENU_TOGGLE_SIP_SHOW_CSR,
+               CsrActiveConfig,
+               IsEnabled ? "Enabled" : "Disabled"
+               );
+  } else {
+    Status = OcAsciiSafeSPrint (
+               Name,
+               OC_MENU_TOGGLE_SIP_MAX_SIZE,
+               OC_MENU_TOGGLE_SIP,
+               IsEnabled ? "Enabled" : "Disabled"
+               );
+  }
+
+  if (EFI_ERROR (Status)) {
+    ASSERT (FALSE);
+    FreePool (Name);
+    return EFI_ABORTED;
+  }
+
+  mToggleSipBootEntries[0].Name = Name;
  if (IsEnabled) {
-    mToggleSipBootEntries[0].Name          = OC_MENU_SIP_IS_ENABLED;
    mToggleSipBootEntries[0].Flavour       = OC_FLAVOUR_TOGGLE_SIP_ENABLED;
    mToggleSipBootEntries[0].AudioBasePath = OC_VOICE_OVER_AUDIO_FILE_SIP_IS_ENABLED;
    mCsrNextConfig                         = mCsrUserConfig;
  } else {
-    mToggleSipBootEntries[0].Name          = OC_MENU_SIP_IS_DISABLED;
    mToggleSipBootEntries[0].Flavour       = OC_FLAVOUR_TOGGLE_SIP_DISABLED;
    mToggleSipBootEntries[0].AudioBasePath = OC_VOICE_OVER_AUDIO_FILE_SIP_IS_DISABLED;
    mCsrNextConfig                         = 0;
@@ -152,12 +186,36 @@ ToggleSipGetBootEntries (
  return EFI_SUCCESS;
 }

+STATIC
+VOID
+EFIAPI
+ToggleSipFreeBootEntries (
+  IN           OC_PICKER_ENTRY  **Entries,
+  IN           UINTN            NumEntries
+  )
+{
+  UINTN  Index;
+
+  if (NumEntries == 0) {
+    return;
+  }
+
+  ASSERT (NumEntries == 1);
+  ASSERT (Entries != NULL);
+
+  for (Index = 0; Index < NumEntries; Index++) {
+    if (Entries[Index]->Name != NULL) {
+      FreePool ((VOID *)Entries[Index]->Name);  ///< Discard const
+    }
+  }
+}
+
 STATIC
 OC_BOOT_ENTRY_PROTOCOL
  mToggleSipBootEntryProtocol = {
  OC_BOOT_ENTRY_PROTOCOL_REVISION,
  ToggleSipGetBootEntries,
-  NULL
+  ToggleSipFreeBootEntries
 };

 EFI_STATUS
@@ -169,7 +227,11 @@ UefiMain (
 {
  EFI_STATUS                 Status;
  EFI_LOADED_IMAGE_PROTOCOL  *LoadedImage;
+  OC_FLEX_ARRAY              *ParsedLoadOptions;
+  CHAR16                     *Option;
+  UINTN                      Index;
  UINTN                      Data;
+  BOOLEAN                    HasUserCsr;

  Status = gBS->HandleProtocol (
                  ImageHandle,
@@ -180,21 +242,41 @@ UefiMain (
    return Status;
  }

-  Status = EFI_NOT_FOUND;
-
-  if (OcHasLoadOptions (LoadedImage->LoadOptionsSize, LoadedImage->LoadOptions)) {
-    if (OcUnicodeStartsWith (LoadedImage->LoadOptions, L"0x", TRUE)) {
-      Status = StrHexToUintnS (LoadedImage->LoadOptions, NULL, &Data);
+  Status     = OcParseLoadOptions (LoadedImage, &ParsedLoadOptions);
+  HasUserCsr = FALSE;
+  if (!EFI_ERROR (Status)) {
+    for (Index = 0; Index < ParsedLoadOptions->Count; Index++) {
+      Option = OcParsedVarsItemAt (ParsedLoadOptions, Index)->Unicode.Name;
+      if (Option[0] != L'-') {
+        if (OcUnicodeStartsWith (Option, L"0x", TRUE)) {
+          Status = StrHexToUintnS (Option, NULL, &Data);
        } else {
-      Status = StrDecimalToUintnS (LoadedImage->LoadOptions, NULL, &Data);
+          Status = StrDecimalToUintnS (Option, NULL, &Data);
        }

        if (EFI_ERROR (Status)) {
-      DEBUG ((DEBUG_WARN, "BEP: ToggleSip cannot parse %s - %r\n", LoadedImage->LoadOptions, Status));
+          DEBUG ((DEBUG_WARN, "BEP: ToggleSip cannot parse %s - %r\n", Option, Status));
+          HasUserCsr = FALSE;
+        } else {
+          HasUserCsr = TRUE;
+        }
      }
    }

-  if (!EFI_ERROR (Status)) {
+    mShowCsr = OcHasParsedVar (ParsedLoadOptions, L"--show-csr", OcStringFormatUnicode);
+
+    OcFlexArrayFree (&ParsedLoadOptions);
+  } else {
+    ASSERT (ParsedLoadOptions == NULL);
+
+    if (Status != EFI_NOT_FOUND) {
+      return Status;
+    }
+
+    mShowCsr = FALSE;
+  }
+
+  if (HasUserCsr) {
    mCsrUserConfig = (UINT32)Data;
    if (OcIsSipEnabled (EFI_SUCCESS, mCsrUserConfig)) {
      DEBUG ((DEBUG_WARN, "BEP: Specified value 0x%X will not disable SIP!\n", mCsrUserConfig));