├── .gitignore ├── Unrootless ├── Filesystem.h ├── GlobalDefinitions.h ├── Filesystem.c ├── Info.plist ├── Kernel.h ├── Unrootless.c ├── csr.h └── Kernel.c ├── LICENSE.txt ├── README.md └── Unrootless.xcodeproj └── project.pbxproj /.gitignore: -------------------------------------------------------------------------------- 1 | Unrootless.xcodeproj/xcuserdata/ 2 | Unrootless.xcodeproj/project.xcworkspace/ 3 | -------------------------------------------------------------------------------- /Unrootless/Filesystem.h: -------------------------------------------------------------------------------- 1 | // 2 | // Filesystem.h 3 | // Unrootless 4 | // 5 | // Created by Linus Henze on 11/10/2016. 6 | // Copyright © 2016 Linus Henze. All rights reserved. 7 | // 8 | 9 | #ifndef Filesystem_h 10 | #define Filesystem_h 11 | 12 | #include 13 | 14 | int readFile(char *file, uint8_t *buffer, off_t offset, user_size_t size); 15 | 16 | #endif /* Filesystem_h */ 17 | -------------------------------------------------------------------------------- /Unrootless/GlobalDefinitions.h: -------------------------------------------------------------------------------- 1 | // 2 | // GlobalDefinitions.h 3 | // Unrootless 4 | // 5 | // Created by Linus Henze on 12/10/2016. 6 | // Copyright © 2016 Linus Henze. All rights reserved. 7 | // 8 | 9 | #ifndef GlobalDefinitions_h 10 | #define GlobalDefinitions_h 11 | 12 | #define MAVERICKS 13 13 | #define YOSEMITE 14 14 | #define EL_CAPITAN 15 15 | #define SIERRA 16 16 | #define HIGH_SIERRA 17 17 | #define MOJAVE 18 18 | #define CATALINA 19 19 | 20 | #if DEBUG 21 | #define LOG_DEBUG(fmt, ...) printf("[DEBUG] " fmt "\n", ## __VA_ARGS__) 22 | #else 23 | #define LOG_DEBUG(fmt, ...) ; 24 | #endif 25 | 26 | #define LOG_MSG(...) printf(__VA_ARGS__) 27 | #define LOG_ERROR(fmt, ...) printf("[ERROR] " fmt "\n", ## __VA_ARGS__) 28 | #define LOG_INFO(fmt, ...) printf("[INFO] " fmt "\n", ## __VA_ARGS__) 29 | 30 | #endif /* GlobalDefinitions_h */ 31 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015-2020 Linus Henze 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /Unrootless/Filesystem.c: -------------------------------------------------------------------------------- 1 | // 2 | // Filesystem.c 3 | // Unrootless 4 | // 5 | // Created by Linus Henze on 11/10/2016. 6 | // Copyright © 2016 Linus Henze. All rights reserved. 7 | // 8 | 9 | #include "Filesystem.h" 10 | 11 | int readFile(char *file, uint8_t *buffer, off_t offset, user_size_t size) { 12 | int res = EIO; 13 | 14 | vfs_context_t vfsContext = vfs_context_create(NULL); 15 | if (vfsContext == NULL) { 16 | return EIO; 17 | } 18 | 19 | vnode_t fileVnode = NULLVP; 20 | if (vnode_lookup(file, 0, &fileVnode, vfsContext) == 0) { 21 | uio_t uio = uio_create(1, offset, UIO_SYSSPACE, UIO_READ); 22 | if (uio == NULL) 23 | goto exit; 24 | 25 | if (uio_addiov(uio, CAST_USER_ADDR_T(buffer), size)) 26 | goto exit; 27 | 28 | if (VNOP_READ(fileVnode, uio, 0, vfsContext)) 29 | goto exit; 30 | 31 | if (uio_resid(uio)) 32 | goto exit; 33 | 34 | res = 0; 35 | } else { 36 | vfs_context_rele(vfsContext); 37 | return ENOENT; 38 | } 39 | 40 | exit: 41 | vnode_put(fileVnode); 42 | vfs_context_rele(vfsContext); 43 | return res; 44 | } 45 | -------------------------------------------------------------------------------- /Unrootless/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | en 7 | CFBundleExecutable 8 | $(EXECUTABLE_NAME) 9 | CFBundleIdentifier 10 | $(PRODUCT_BUNDLE_IDENTIFIER) 11 | CFBundleInfoDictionaryVersion 12 | 6.0 13 | CFBundleName 14 | $(PRODUCT_NAME) 15 | CFBundlePackageType 16 | KEXT 17 | CFBundleShortVersionString 18 | 1.0 19 | CFBundleSignature 20 | ???? 21 | CFBundleVersion 22 | 1 23 | NSHumanReadableCopyright 24 | Copyright © 2015. All rights reserved. 25 | OSBundleLibraries 26 | 27 | com.apple.kpi.bsd 28 | 9.0.0 29 | com.apple.kpi.libkern 30 | 9.0.0 31 | com.apple.kpi.mach 32 | 9.0.0 33 | com.apple.kpi.unsupported 34 | 9.0.0 35 | 36 | 37 | 38 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Unrootless-KEXT 2 | A kext that can be used to disable Rootless in OS X El Capitan/macOS Sierra. You need to sign it OR use an exploit to make OS X load it. 3 | See [https://youtu.be/dq0-0WVGyq4](https://youtu.be/dq0-0WVGyq4) 4 | This kext can be loaded using [this](https://github.com/LinusHenze/anyKextLoader) exploit. (If you're running OS X 10.11 - 10.11.3, was fixed in OS X 10.11.4) 5 | 6 | # Building 7 | Just open the Project in Xcode and select Product->Build. 8 | 9 | # Using 10 | Copy the kext to a directory of your choice and make sure that the kext has the right permissions (sudo chown -R root:wheel ) 11 | As stated above, you need to sign this kext with a valid certificate or you need an exploit ([like this](https://github.com/LinusHenze/anyKextLoader)) to make OS X load it. 12 | 13 | # Options 14 | This kext will register debug.rootless.disabled and debug.rootless.csrConfig in sysctl. 15 | To disable rootless, enter "sysctl debug.rootless.disabled=1", to enable enter "sysctl debug.rootless.disabled=0" and to use your own config enter "sysctl debug.rootless.disabled=2". 16 | If you choose to use your own config, debug.rootless.csrConfig will become visible and you can enter your own config there (see csr.h for valid configuration values). 17 | If you would like to use the enable/disable options from csrutil without rebooting to Recovery OS, enter "sysctl debug.rootless.disabled=2 && sysctl debug.rootless.csrConfig=0xE7". 18 | -------------------------------------------------------------------------------- /Unrootless/Kernel.h: -------------------------------------------------------------------------------- 1 | // 2 | // Kernel.h 3 | // Unrootless 4 | // 5 | // Created by Linus Henze on 11/10/2016. 6 | // Copyright © 2016 Linus Henze. All rights reserved. 7 | // 8 | 9 | #ifndef Kernel_h 10 | #define Kernel_h 11 | 12 | #include 13 | #include 14 | #include 15 | #include 16 | #include 17 | #include 18 | #include 19 | 20 | extern struct KernelInfo kInfo; 21 | 22 | struct __attribute__((packed)) IDT_Desc_AMD64 { 23 | uint16_t offset_low; // bits 0...15 24 | uint16_t selector; 25 | uint8_t int_stck_tbl; 26 | uint8_t type_attr; 27 | uint16_t offset_middle; // bits 16...31 28 | uint32_t offset_high; // bits 32...63 29 | uint32_t reserved; 30 | }; 31 | 32 | struct KernelInfo { 33 | uint8_t *kernelBase; 34 | mach_vm_address_t runningTEXT; 35 | mach_vm_address_t diskTEXT; 36 | mach_vm_address_t KASLR; 37 | uint8_t *symTable; 38 | uint32_t numOfSymbols; 39 | uint8_t *stringTable; 40 | uint32_t stringTableSize; 41 | uint8_t *linkeditSegment; 42 | uint64_t linkeditSize; 43 | uint32_t initializedMagic; 44 | }; 45 | 46 | extern struct KernelInfo kInfo; 47 | 48 | mach_vm_address_t findKernelBase(void); 49 | bool initKernelInfo(void); 50 | void cleanupKernelInfo(void); 51 | void *findKernelSymbol(char *sym); 52 | 53 | void enableKernelWrite(void); 54 | void disableKernelWrite(void); 55 | 56 | #endif /* Kernel_h */ 57 | -------------------------------------------------------------------------------- /Unrootless/Unrootless.c: -------------------------------------------------------------------------------- 1 | // 2 | // Unrootless.c 3 | // Unrootless 4 | // 5 | // Created by Linus Henze on 26.07.15. 6 | // Copyright © 2015 Linus Henze. All rights reserved. 7 | // 8 | 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #include "GlobalDefinitions.h" 16 | #include "csr.h" 17 | #include "Kernel.h" 18 | 19 | extern const int version_major; 20 | 21 | static uint32_t rootless_state = 0; 22 | static uint32_t rootless_old_state = 0; 23 | static uint32_t csr_flags = 0; 24 | static uint32_t rootlessBootState = 0; 25 | static int sysctl_rootless_disabled_func SYSCTL_HANDLER_ARGS; 26 | static int sysctl_rootless_csrFlags SYSCTL_HANDLER_ARGS; 27 | 28 | SYSCTL_NODE(_debug, // our parent 29 | OID_AUTO, // automatically assign us an object ID 30 | rootless, // our name 31 | CTLFLAG_RW, // we wil be creating children therefore, read/write 32 | 0, // Handler function (none selected) 33 | "rootless" 34 | ); 35 | 36 | SYSCTL_PROC(_debug_rootless, // our parent 37 | OID_AUTO, // automaticall assign us an object ID 38 | disabled, // our name 39 | (CTLTYPE_INT | // type flag 40 | CTLFLAG_RW | CTLFLAG_ANYBODY), // access flag (read/write by anybody) 41 | &rootless_state, // location of our data 42 | 0, // argument passed to our handler 43 | sysctl_rootless_disabled_func, // our handler function 44 | "IU", // our data type (unsigned integer) 45 | "enable/disable rootless" // our description 46 | ); 47 | 48 | SYSCTL_PROC(_debug_rootless, // our parent 49 | OID_AUTO , // automaticall assign us an object ID 50 | csrConfig, // our name 51 | (CTLTYPE_INT | // type flag 52 | CTLFLAG_RW | CTLFLAG_ANYBODY), // access flag (read/write by anybody) 53 | &csr_flags, // location of our data 54 | 0, // argument passed to our handler 55 | sysctl_rootless_csrFlags, // our handler function 56 | "IU", // our data type (unsigned integer) 57 | "set csr flags" // our description 58 | ); 59 | 60 | void setCSR(uint32_t flags) { 61 | enableKernelWrite(); 62 | boot_args *args = (boot_args*) PE_state_loc->bootArgs; 63 | args->csrActiveConfig = flags; 64 | disableKernelWrite(); 65 | } 66 | 67 | static int sysctl_rootless_disabled_func SYSCTL_HANDLER_ARGS { 68 | if (rootless_state == 2) { // Custom config 69 | // Check if we just set it to 2 70 | if (rootless_old_state != rootless_state) { 71 | sysctl_register_oid(&sysctl__debug_rootless_csrConfig); 72 | csr_flags = rootless_old_state ? ROOTLESS_DEFAULT_OFF : ROOTLESS_DEFAULT_ON; 73 | rootless_old_state = 2; 74 | } 75 | 76 | return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); 77 | } 78 | 79 | if (rootless_old_state == 2) { 80 | sysctl_unregister_oid(&sysctl__debug_rootless_csrConfig); 81 | boot_args *args = (boot_args*) PE_state_loc->bootArgs; 82 | args->flags &= ~(kBootArgsFlagCSRConfigMode); 83 | } 84 | 85 | rootless_state = (rootless_state > 0) ? 1 : 0; 86 | 87 | setCSR(rootless_state ? ROOTLESS_DEFAULT_OFF : ROOTLESS_DEFAULT_ON); 88 | 89 | rootless_old_state = rootless_state; 90 | 91 | return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); 92 | } 93 | 94 | static int sysctl_rootless_csrFlags SYSCTL_HANDLER_ARGS { 95 | csr_flags = csr_flags & CSR_VALID_FLAGS; 96 | boot_args *args = (boot_args*) PE_state_loc->bootArgs; 97 | if (csr_flags & CSR_ALLOW_DEVICE_CONFIGURATION) { // Allow csrutil enable/disable 98 | args->flags |= kBootArgsFlagCSRConfigMode; 99 | } else { 100 | args->flags &= ~(kBootArgsFlagCSRConfigMode); 101 | } 102 | 103 | setCSR(csr_flags); 104 | 105 | return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); 106 | } 107 | 108 | kern_return_t unrootless_start(kmod_info_t * ki, void *d) { 109 | if (version_major < EL_CAPITAN || version_major > CATALINA) { 110 | LOG_ERROR("You must run OS X >= El Capitan or macOS <= Catalina to unrootless."); 111 | return KERN_FAILURE; 112 | } 113 | 114 | if (!initKernelInfo()) { 115 | LOG_ERROR("initKernelInfo() failed!"); 116 | return KERN_FAILURE; 117 | } 118 | 119 | PE_state_loc = (PE_state_t*) findKernelSymbol("_PE_state"); 120 | if (PE_state_loc == NULL) { 121 | LOG_ERROR("Couldn't find '_PE_state', aborting..."); 122 | return KERN_FAILURE; 123 | } 124 | 125 | boot_args *args = (boot_args*) PE_state_loc->bootArgs; 126 | rootlessBootState = args->csrActiveConfig; 127 | csr_flags = args->csrActiveConfig; 128 | if (!(args->flags & kBootArgsFlagCSRActiveConfig)) { 129 | LOG_INFO("Setting CSRActiveConfig flag..."); 130 | args->flags |= kBootArgsFlagCSRActiveConfig; // Needed on some Macs... 131 | } 132 | 133 | rootless_state = !rootlessBootState; 134 | 135 | setCSR(rootless_state ? ROOTLESS_DEFAULT_OFF : ROOTLESS_DEFAULT_ON); 136 | 137 | sysctl_register_oid(&sysctl__debug_rootless); 138 | sysctl_register_oid(&sysctl__debug_rootless_disabled); 139 | 140 | return KERN_SUCCESS; 141 | } 142 | 143 | kern_return_t unrootless_stop(kmod_info_t *ki, void *d) { 144 | // Reset state 145 | setCSR(rootlessBootState); 146 | 147 | sysctl_unregister_oid(&sysctl__debug_rootless); 148 | sysctl_unregister_oid(&sysctl__debug_rootless_disabled); 149 | if (rootless_state == 2) { 150 | sysctl_unregister_oid(&sysctl__debug_rootless_csrConfig); 151 | } 152 | 153 | cleanupKernelInfo(); 154 | 155 | return KERN_SUCCESS; 156 | } 157 | -------------------------------------------------------------------------------- /Unrootless/csr.h: -------------------------------------------------------------------------------- 1 | // 2 | // csr.h 3 | // Unrootless 4 | // 5 | // Created by Linus Henze on 13/03/16. 6 | // Copyright © 2016 Linus Henze. All rights reserved. 7 | // 8 | 9 | /* The contents of this file were taken from the XNU-3248.20.55 source, released under the Apple Public Source License */ 10 | 11 | /* 12 | * Copyright (c) 2014 Apple Inc. All rights reserved. 13 | * 14 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 15 | * 16 | * This file contains Original Code and/or Modifications of Original Code 17 | * as defined in and that are subject to the Apple Public Source License 18 | * Version 2.0 (the 'License'). You may not use this file except in 19 | * compliance with the License. The rights granted to you under the License 20 | * may not be used to create, or enable the creation or redistribution of, 21 | * unlawful or unlicensed copies of an Apple operating system, or to 22 | * circumvent, violate, or enable the circumvention or violation of, any 23 | * terms of an Apple operating system software license agreement. 24 | * 25 | * Please obtain a copy of the License at 26 | * http://www.opensource.apple.com/apsl/ and read it before using this file. 27 | * 28 | * The Original Code and all software distributed under the License are 29 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 30 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 31 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 32 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 33 | * Please see the License for the specific language governing rights and 34 | * limitations under the License. 35 | * 36 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 37 | */ 38 | 39 | #ifndef csr_h 40 | #define csr_h 41 | 42 | /* CSR configuration values */ 43 | #define CSR_ALLOW_UNTRUSTED_KEXTS (1 << 0) 44 | #define CSR_ALLOW_UNRESTRICTED_FS (1 << 1) 45 | #define CSR_ALLOW_TASK_FOR_PID (1 << 2) 46 | #define CSR_ALLOW_KERNEL_DEBUGGER (1 << 3) 47 | #define CSR_ALLOW_APPLE_INTERNAL (1 << 4) 48 | #define CSR_ALLOW_DESTRUCTIVE_DTRACE (1 << 5) /* name deprecated */ 49 | #define CSR_ALLOW_UNRESTRICTED_DTRACE (1 << 5) 50 | #define CSR_ALLOW_UNRESTRICTED_NVRAM (1 << 6) 51 | #define CSR_ALLOW_DEVICE_CONFIGURATION (1 << 7) // allow csrutil enable/disable 52 | #define CSR_ALLOW_ANY_RECOVERY_OS (1 << 8) 53 | /* CSR configuration values - End */ 54 | 55 | /* CSR valid configuration values */ 56 | #define CSR_VALID_FLAGS (CSR_ALLOW_UNTRUSTED_KEXTS | \ 57 | CSR_ALLOW_UNRESTRICTED_FS | \ 58 | CSR_ALLOW_TASK_FOR_PID | \ 59 | CSR_ALLOW_KERNEL_DEBUGGER | \ 60 | CSR_ALLOW_APPLE_INTERNAL | \ 61 | CSR_ALLOW_UNRESTRICTED_DTRACE | \ 62 | CSR_ALLOW_UNRESTRICTED_NVRAM | \ 63 | CSR_ALLOW_DEVICE_CONFIGURATION | \ 64 | CSR_ALLOW_ANY_RECOVERY_OS) 65 | /* CSR valid configuration values - End */ 66 | 67 | /* CSR default configuration values */ 68 | #define ROOTLESS_DEFAULT_ON 0 69 | #define ROOTLESS_DEFAULT_OFF 103 70 | /* CSR default configuration values - End */ 71 | 72 | struct PE_Video { 73 | unsigned long v_baseAddr; /* Base address of video memory */ 74 | unsigned long v_rowBytes; /* Number of bytes per pixel row */ 75 | unsigned long v_width; /* Width */ 76 | unsigned long v_height; /* Height */ 77 | unsigned long v_depth; /* Pixel Depth */ 78 | unsigned long v_display; /* Text or Graphics */ 79 | char v_pixelFormat[64]; 80 | long v_resv[ 4 ]; 81 | }; 82 | 83 | typedef struct PE_Video PE_Video; 84 | 85 | typedef struct PE_state { 86 | boolean_t initialized; 87 | PE_Video video; 88 | void *deviceTreeHead; 89 | void *bootArgs; 90 | #if __i386__ 91 | void *fakePPCBootArgs; 92 | #endif 93 | } PE_state_t; 94 | 95 | #define kBootArgsFlagCSRConfigMode (1 << 4) // also needed to allow csrutil enable/disable 96 | #define kBootArgsFlagCSRActiveConfig (1 << 3) // not set on all mac's 97 | 98 | PE_state_t *PE_state_loc = NULL; 99 | 100 | #define BOOT_LINE_LENGTH 1024 101 | 102 | struct Boot_Video { 103 | uint32_t v_baseAddr; /* Base address of video memory */ 104 | uint32_t v_display; /* Display Code (if Applicable) */ 105 | uint32_t v_rowBytes; /* Number of bytes per pixel row */ 106 | uint32_t v_width; /* Width */ 107 | uint32_t v_height; /* Height */ 108 | uint32_t v_depth; /* Pixel Depth */ 109 | }; 110 | 111 | typedef struct Boot_Video Boot_Video; 112 | 113 | typedef struct boot_args { 114 | uint16_t Revision; /* Revision of boot_args structure */ 115 | uint16_t Version; /* Version of boot_args structure */ 116 | 117 | uint8_t efiMode; /* 32 = 32-bit, 64 = 64-bit */ 118 | uint8_t debugMode; /* Bit field with behavior changes */ 119 | uint16_t flags; 120 | 121 | char CommandLine[BOOT_LINE_LENGTH]; /* Passed in command line */ 122 | 123 | uint32_t MemoryMap; /* Physical address of memory map */ 124 | uint32_t MemoryMapSize; 125 | uint32_t MemoryMapDescriptorSize; 126 | uint32_t MemoryMapDescriptorVersion; 127 | 128 | Boot_Video Video; /* Video Information */ 129 | 130 | uint32_t deviceTreeP; /* Physical address of flattened device tree */ 131 | uint32_t deviceTreeLength; /* Length of flattened tree */ 132 | 133 | uint32_t kaddr; /* Physical address of beginning of kernel text */ 134 | uint32_t ksize; /* Size of combined kernel text+data+efi */ 135 | 136 | uint32_t efiRuntimeServicesPageStart; /* physical address of defragmented runtime pages */ 137 | uint32_t efiRuntimeServicesPageCount; 138 | uint64_t efiRuntimeServicesVirtualPageStart; /* virtual address of defragmented runtime pages */ 139 | 140 | uint32_t efiSystemTable; /* physical address of system table in runtime area */ 141 | uint32_t kslide; 142 | 143 | uint32_t performanceDataStart; /* physical address of log */ 144 | uint32_t performanceDataSize; 145 | 146 | uint32_t keyStoreDataStart; /* physical address of key store data */ 147 | uint32_t keyStoreDataSize; 148 | uint64_t bootMemStart; 149 | uint64_t bootMemSize; 150 | uint64_t PhysicalMemorySize; 151 | uint64_t FSBFrequency; 152 | uint64_t pciConfigSpaceBaseAddress; 153 | uint32_t pciConfigSpaceStartBusNumber; 154 | uint32_t pciConfigSpaceEndBusNumber; 155 | uint32_t csrActiveConfig; 156 | uint32_t csrPendingConfig; 157 | uint32_t __reserved4[728]; 158 | 159 | } boot_args; 160 | 161 | #endif /* csr_h */ 162 | -------------------------------------------------------------------------------- /Unrootless/Kernel.c: -------------------------------------------------------------------------------- 1 | // 2 | // Kernel.c 3 | // Unrootless 4 | // 5 | // Created by Linus Henze on 11/10/2016. 6 | // Copyright © 2016 Linus Henze. All rights reserved. 7 | // 8 | 9 | #include 10 | #include "Kernel.h" 11 | #include "Filesystem.h" 12 | 13 | #define KERNEL_READ_SIZE 8192 // 0x2000 bytes should be enough 14 | 15 | static char *kernel_paths[] = { 16 | "/System/Library/Kernels/kernel", 17 | "/System/Library/Kernels/kernel.development", 18 | "/System/Library/Kernels/kernel.debug" 19 | }; 20 | 21 | struct KernelInfo kInfo; 22 | 23 | mach_vm_address_t findKernelBase() { 24 | host_priv_t host = host_priv_self(); 25 | mach_vm_address_t searchAddress = (mach_vm_address_t) host & 0xfffffffffff00000; 26 | while (searchAddress > 0) { 27 | if (*(uint32_t*)(searchAddress) == MH_MAGIC_64) { 28 | // Make sure this is really the Header 29 | // If it is, the __TEXT load command will follow 30 | struct segment_command_64 *__text = (struct segment_command_64*) (searchAddress + sizeof(struct mach_header_64)); 31 | if (strncmp(__text->segname, "__TEXT", 16) == 0) { 32 | return searchAddress; 33 | } 34 | } 35 | searchAddress--; 36 | } 37 | return 0; 38 | } 39 | 40 | struct load_command *findLoadCommandOfType(uint8_t *kernel, struct load_command *begin, uint32_t type) { 41 | struct mach_header_64 *header = (struct mach_header_64*) kernel; 42 | if (header->magic != MH_MAGIC_64) { 43 | return NULL; //That's not a mach-o image 44 | } 45 | 46 | struct load_command *startCmd = (struct load_command*) (kernel + sizeof(struct mach_header_64)); 47 | 48 | struct load_command *ldCmd = begin; 49 | if (ldCmd == NULL) { 50 | ldCmd = startCmd; 51 | } else { 52 | ldCmd = (struct load_command*) ((mach_vm_address_t) ldCmd + ldCmd->cmdsize); 53 | } 54 | 55 | mach_vm_address_t endAddr = (mach_vm_address_t) startCmd + header->sizeofcmds; 56 | 57 | while ((mach_vm_address_t) ldCmd < endAddr) { 58 | if (ldCmd->cmd == type) { 59 | return ldCmd; 60 | } 61 | ldCmd = (struct load_command*) ((mach_vm_address_t) ldCmd + ldCmd->cmdsize); 62 | } 63 | 64 | return NULL; 65 | } 66 | 67 | struct segment_command_64 *findSegmentLoadCommand(uint8_t *kernel, char *segment) { 68 | struct load_command *ldCmd = findLoadCommandOfType(kernel, NULL, LC_SEGMENT_64); 69 | 70 | while (ldCmd != NULL) { 71 | struct segment_command_64 *sLdCmd = (struct segment_command_64*) ldCmd; 72 | if (strncmp(sLdCmd->segname, segment, 16) == 0) { 73 | return (struct segment_command_64*) ldCmd; 74 | } else { 75 | ldCmd = findLoadCommandOfType(kernel, ldCmd, LC_SEGMENT_64); 76 | } 77 | } 78 | 79 | return NULL; 80 | } 81 | 82 | bool findUUID(uint8_t *kernel, uint8_t *buffer) { 83 | struct uuid_command *uuidCmd = (struct uuid_command*) findLoadCommandOfType(kernel, NULL, LC_UUID); 84 | if (uuidCmd == NULL) { 85 | return false; 86 | } 87 | 88 | memcpy(buffer, uuidCmd->uuid, sizeof(uint8_t) * 16); 89 | return true; 90 | } 91 | 92 | bool UUID_matches_running(uint8_t *kernelDisk) { 93 | uint8_t uuid[16]; 94 | uint8_t uuidRunning[16]; 95 | 96 | uint8_t *kernelRunning = (uint8_t*) findKernelBase(); 97 | if (kernelRunning == NULL) { 98 | return false; 99 | } 100 | 101 | if (!findUUID(kernelDisk, uuid)) { 102 | return false; 103 | } 104 | 105 | if (!findUUID(kernelRunning, uuidRunning)) { 106 | return false; 107 | } 108 | 109 | if (memcmp(uuid, uuidRunning, sizeof(uint8_t) * 16) == 0) { 110 | return true; 111 | } 112 | 113 | return false; 114 | } 115 | 116 | bool initKernelInfo() { 117 | bool res = false; 118 | 119 | kInfo.kernelBase = (uint8_t*) findKernelBase(); 120 | if (kInfo.kernelBase == NULL) { 121 | return false; 122 | } 123 | 124 | uint8_t *kernelBuffer; 125 | MALLOC(kernelBuffer, uint8_t*, KERNEL_READ_SIZE, M_TEMP, M_ZERO); 126 | 127 | if (kernelBuffer == NULL) { 128 | return false; 129 | } 130 | 131 | bool kernelFound = false; 132 | 133 | int paths_offset; 134 | 135 | for (paths_offset = 0; paths_offset < sizeof(kernel_paths) / sizeof(char*); paths_offset++) { 136 | if (readFile(kernel_paths[paths_offset], kernelBuffer, 0, KERNEL_READ_SIZE) == 0) { 137 | if (UUID_matches_running(kernelBuffer)) { 138 | kernelFound = true; 139 | break; 140 | } 141 | } 142 | } 143 | 144 | if (!kernelFound) { 145 | goto exit; 146 | } 147 | 148 | struct segment_command_64 *disk__TEXT = findSegmentLoadCommand(kernelBuffer, "__TEXT"); 149 | if (disk__TEXT == NULL) { 150 | goto exit; 151 | } 152 | 153 | struct segment_command_64 *running__TEXT = findSegmentLoadCommand((uint8_t*) kInfo.kernelBase, "__TEXT"); 154 | if (running__TEXT == NULL) { 155 | goto exit; 156 | } 157 | 158 | struct symtab_command *symtab = (struct symtab_command*) findLoadCommandOfType(kernelBuffer, NULL, LC_SYMTAB); 159 | if (symtab == NULL) { 160 | goto exit; 161 | } 162 | 163 | kInfo.diskTEXT = disk__TEXT->vmaddr; 164 | kInfo.runningTEXT = running__TEXT->vmaddr; 165 | kInfo.KASLR = kInfo.runningTEXT - kInfo.diskTEXT; 166 | 167 | struct segment_command_64 *linkeditLoadCmd = findSegmentLoadCommand(kernelBuffer, "__LINKEDIT"); 168 | if (linkeditLoadCmd == NULL) { 169 | goto exit; 170 | } 171 | 172 | uint8_t *linkedit; 173 | MALLOC(linkedit, uint8_t*, linkeditLoadCmd->filesize, M_TEMP, M_ZERO); 174 | if (linkedit == NULL) { 175 | goto exit; 176 | } 177 | 178 | if (readFile(kernel_paths[paths_offset], linkedit, linkeditLoadCmd->fileoff, linkeditLoadCmd->filesize) != 0) { 179 | FREE(linkedit, M_TEMP); 180 | goto exit; 181 | } 182 | 183 | kInfo.linkeditSegment = linkedit; 184 | kInfo.linkeditSize = linkeditLoadCmd->filesize; 185 | kInfo.symTable = (uint8_t*) (linkedit + (symtab->symoff - linkeditLoadCmd->fileoff)); 186 | kInfo.numOfSymbols = symtab->nsyms; 187 | kInfo.stringTable = (uint8_t*) (linkedit + (symtab->stroff - linkeditLoadCmd->fileoff)); 188 | kInfo.stringTableSize = symtab->strsize; 189 | kInfo.initializedMagic = MH_MAGIC; 190 | 191 | res = true; 192 | 193 | exit: 194 | FREE(kernelBuffer, M_TEMP); 195 | return res; 196 | } 197 | 198 | void cleanupKernelInfo() { 199 | if (kInfo.initializedMagic != MH_MAGIC) { 200 | return; 201 | } 202 | 203 | kInfo.initializedMagic = MH_CIGAM; 204 | 205 | uint8_t *linkedit = kInfo.linkeditSegment; 206 | kInfo.linkeditSegment = NULL; 207 | kInfo.symTable = NULL; 208 | kInfo.stringTable = NULL; 209 | 210 | FREE(linkedit, M_TEMP); 211 | } 212 | 213 | void *findKernelSymbol(char *sym) { 214 | if (kInfo.initializedMagic != MH_MAGIC || kInfo.symTable == NULL || kInfo.stringTable == NULL || kInfo.numOfSymbols == 0 || kInfo.stringTableSize == 0) { 215 | return NULL; 216 | } 217 | 218 | struct nlist_64 *symEnts = (struct nlist_64*) kInfo.symTable; 219 | 220 | for (unsigned int i = 0; i < kInfo.numOfSymbols; i++) { 221 | char *symbolStr = (char*) ((mach_vm_address_t) kInfo.stringTable + symEnts[i].n_un.n_strx); 222 | if (strcmp(symbolStr, sym) == 0) { 223 | return (void*) ((mach_vm_address_t) symEnts[i].n_value + kInfo.KASLR); 224 | } 225 | } 226 | 227 | return NULL; 228 | } 229 | 230 | void enableKernelWrite() { 231 | asm volatile ("cli"); 232 | 233 | uintptr_t cr0 = get_cr0(); 234 | cr0 &= ~CR0_WP; 235 | set_cr0(cr0); 236 | } 237 | 238 | void disableKernelWrite() { 239 | uintptr_t cr0 = get_cr0(); 240 | cr0 |= CR0_WP; 241 | set_cr0(cr0); 242 | 243 | asm volatile ("sti"); 244 | } 245 | -------------------------------------------------------------------------------- /Unrootless.xcodeproj/project.pbxproj: -------------------------------------------------------------------------------- 1 | // !$*UTF8*$! 2 | { 3 | archiveVersion = 1; 4 | classes = { 5 | }; 6 | objectVersion = 46; 7 | objects = { 8 | 9 | /* Begin PBXBuildFile section */ 10 | 1509BDD81B6543AC00E6E1F9 /* Unrootless.c in Sources */ = {isa = PBXBuildFile; fileRef = 1509BDD71B6543AC00E6E1F9 /* Unrootless.c */; }; 11 | 156A27311DAD20FD0044AE0B /* Kernel.c in Sources */ = {isa = PBXBuildFile; fileRef = 156A272F1DAD20FD0044AE0B /* Kernel.c */; }; 12 | 156A27321DAD20FD0044AE0B /* Kernel.h in Headers */ = {isa = PBXBuildFile; fileRef = 156A27301DAD20FD0044AE0B /* Kernel.h */; }; 13 | 156A27351DAD31550044AE0B /* Filesystem.c in Sources */ = {isa = PBXBuildFile; fileRef = 156A27331DAD31550044AE0B /* Filesystem.c */; }; 14 | 156A27361DAD31550044AE0B /* Filesystem.h in Headers */ = {isa = PBXBuildFile; fileRef = 156A27341DAD31550044AE0B /* Filesystem.h */; }; 15 | 15B06F971BBD841A00ED3CF5 /* LICENSE.txt in Resources */ = {isa = PBXBuildFile; fileRef = 15B06F951BBD841A00ED3CF5 /* LICENSE.txt */; }; 16 | /* End PBXBuildFile section */ 17 | 18 | /* Begin PBXFileReference section */ 19 | 1509BDD41B6543AC00E6E1F9 /* Unrootless.kext */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = Unrootless.kext; sourceTree = BUILT_PRODUCTS_DIR; }; 20 | 1509BDD71B6543AC00E6E1F9 /* Unrootless.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = Unrootless.c; sourceTree = ""; }; 21 | 1509BDD91B6543AC00E6E1F9 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 22 | 1518C1DC1DAE7B3B006DDBBB /* GlobalDefinitions.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = GlobalDefinitions.h; sourceTree = ""; }; 23 | 156A272F1DAD20FD0044AE0B /* Kernel.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = Kernel.c; sourceTree = ""; }; 24 | 156A27301DAD20FD0044AE0B /* Kernel.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Kernel.h; sourceTree = ""; }; 25 | 156A27331DAD31550044AE0B /* Filesystem.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = Filesystem.c; sourceTree = ""; }; 26 | 156A27341DAD31550044AE0B /* Filesystem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Filesystem.h; sourceTree = ""; }; 27 | 15B06F951BBD841A00ED3CF5 /* LICENSE.txt */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = LICENSE.txt; sourceTree = ""; }; 28 | 15B06F961BBD841A00ED3CF5 /* README.md */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = net.daringfireball.markdown; path = README.md; sourceTree = ""; }; 29 | 15EC85A11C95D30C002ED12A /* csr.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = csr.h; sourceTree = ""; }; 30 | /* End PBXFileReference section */ 31 | 32 | /* Begin PBXFrameworksBuildPhase section */ 33 | 1509BDD01B6543AC00E6E1F9 /* Frameworks */ = { 34 | isa = PBXFrameworksBuildPhase; 35 | buildActionMask = 2147483647; 36 | files = ( 37 | ); 38 | runOnlyForDeploymentPostprocessing = 0; 39 | }; 40 | /* End PBXFrameworksBuildPhase section */ 41 | 42 | /* Begin PBXGroup section */ 43 | 1509BDCA1B6543AC00E6E1F9 = { 44 | isa = PBXGroup; 45 | children = ( 46 | 15B06F951BBD841A00ED3CF5 /* LICENSE.txt */, 47 | 15B06F961BBD841A00ED3CF5 /* README.md */, 48 | 1509BDD61B6543AC00E6E1F9 /* Unrootless */, 49 | 1509BDD51B6543AC00E6E1F9 /* Products */, 50 | ); 51 | sourceTree = ""; 52 | }; 53 | 1509BDD51B6543AC00E6E1F9 /* Products */ = { 54 | isa = PBXGroup; 55 | children = ( 56 | 1509BDD41B6543AC00E6E1F9 /* Unrootless.kext */, 57 | ); 58 | name = Products; 59 | sourceTree = ""; 60 | }; 61 | 1509BDD61B6543AC00E6E1F9 /* Unrootless */ = { 62 | isa = PBXGroup; 63 | children = ( 64 | 1509BDD71B6543AC00E6E1F9 /* Unrootless.c */, 65 | 156A272F1DAD20FD0044AE0B /* Kernel.c */, 66 | 156A27301DAD20FD0044AE0B /* Kernel.h */, 67 | 156A27331DAD31550044AE0B /* Filesystem.c */, 68 | 156A27341DAD31550044AE0B /* Filesystem.h */, 69 | 15EC85A11C95D30C002ED12A /* csr.h */, 70 | 1518C1DC1DAE7B3B006DDBBB /* GlobalDefinitions.h */, 71 | 1509BDD91B6543AC00E6E1F9 /* Info.plist */, 72 | ); 73 | path = Unrootless; 74 | sourceTree = ""; 75 | }; 76 | /* End PBXGroup section */ 77 | 78 | /* Begin PBXHeadersBuildPhase section */ 79 | 1509BDD11B6543AC00E6E1F9 /* Headers */ = { 80 | isa = PBXHeadersBuildPhase; 81 | buildActionMask = 2147483647; 82 | files = ( 83 | 156A27321DAD20FD0044AE0B /* Kernel.h in Headers */, 84 | 156A27361DAD31550044AE0B /* Filesystem.h in Headers */, 85 | ); 86 | runOnlyForDeploymentPostprocessing = 0; 87 | }; 88 | /* End PBXHeadersBuildPhase section */ 89 | 90 | /* Begin PBXNativeTarget section */ 91 | 1509BDD31B6543AC00E6E1F9 /* Unrootless */ = { 92 | isa = PBXNativeTarget; 93 | buildConfigurationList = 1509BDDC1B6543AC00E6E1F9 /* Build configuration list for PBXNativeTarget "Unrootless" */; 94 | buildPhases = ( 95 | 1509BDCF1B6543AC00E6E1F9 /* Sources */, 96 | 1509BDD01B6543AC00E6E1F9 /* Frameworks */, 97 | 1509BDD11B6543AC00E6E1F9 /* Headers */, 98 | 1509BDD21B6543AC00E6E1F9 /* Resources */, 99 | ); 100 | buildRules = ( 101 | ); 102 | dependencies = ( 103 | ); 104 | name = Unrootless; 105 | productName = Test; 106 | productReference = 1509BDD41B6543AC00E6E1F9 /* Unrootless.kext */; 107 | productType = "com.apple.product-type.kernel-extension"; 108 | }; 109 | /* End PBXNativeTarget section */ 110 | 111 | /* Begin PBXProject section */ 112 | 1509BDCB1B6543AC00E6E1F9 /* Project object */ = { 113 | isa = PBXProject; 114 | attributes = { 115 | LastUpgradeCheck = 1100; 116 | ORGANIZATIONNAME = "Linus Henze"; 117 | TargetAttributes = { 118 | 1509BDD31B6543AC00E6E1F9 = { 119 | CreatedOnToolsVersion = 7.0; 120 | DevelopmentTeam = 2JRT39ZN42; 121 | }; 122 | }; 123 | }; 124 | buildConfigurationList = 1509BDCE1B6543AC00E6E1F9 /* Build configuration list for PBXProject "Unrootless" */; 125 | compatibilityVersion = "Xcode 3.2"; 126 | developmentRegion = en; 127 | hasScannedForEncodings = 0; 128 | knownRegions = ( 129 | en, 130 | Base, 131 | ); 132 | mainGroup = 1509BDCA1B6543AC00E6E1F9; 133 | productRefGroup = 1509BDD51B6543AC00E6E1F9 /* Products */; 134 | projectDirPath = ""; 135 | projectRoot = ""; 136 | targets = ( 137 | 1509BDD31B6543AC00E6E1F9 /* Unrootless */, 138 | ); 139 | }; 140 | /* End PBXProject section */ 141 | 142 | /* Begin PBXResourcesBuildPhase section */ 143 | 1509BDD21B6543AC00E6E1F9 /* Resources */ = { 144 | isa = PBXResourcesBuildPhase; 145 | buildActionMask = 2147483647; 146 | files = ( 147 | 15B06F971BBD841A00ED3CF5 /* LICENSE.txt in Resources */, 148 | ); 149 | runOnlyForDeploymentPostprocessing = 0; 150 | }; 151 | /* End PBXResourcesBuildPhase section */ 152 | 153 | /* Begin PBXSourcesBuildPhase section */ 154 | 1509BDCF1B6543AC00E6E1F9 /* Sources */ = { 155 | isa = PBXSourcesBuildPhase; 156 | buildActionMask = 2147483647; 157 | files = ( 158 | 1509BDD81B6543AC00E6E1F9 /* Unrootless.c in Sources */, 159 | 156A27311DAD20FD0044AE0B /* Kernel.c in Sources */, 160 | 156A27351DAD31550044AE0B /* Filesystem.c in Sources */, 161 | ); 162 | runOnlyForDeploymentPostprocessing = 0; 163 | }; 164 | /* End PBXSourcesBuildPhase section */ 165 | 166 | /* Begin XCBuildConfiguration section */ 167 | 1509BDDA1B6543AC00E6E1F9 /* Debug */ = { 168 | isa = XCBuildConfiguration; 169 | buildSettings = { 170 | ALWAYS_SEARCH_USER_PATHS = NO; 171 | CLANG_ANALYZER_LOCALIZABILITY_NONLOCALIZED = YES; 172 | CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; 173 | CLANG_CXX_LIBRARY = "libc++"; 174 | CLANG_ENABLE_MODULES = YES; 175 | CLANG_ENABLE_OBJC_ARC = YES; 176 | CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; 177 | CLANG_WARN_BOOL_CONVERSION = YES; 178 | CLANG_WARN_COMMA = YES; 179 | CLANG_WARN_CONSTANT_CONVERSION = YES; 180 | CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; 181 | CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; 182 | CLANG_WARN_EMPTY_BODY = YES; 183 | CLANG_WARN_ENUM_CONVERSION = YES; 184 | CLANG_WARN_INFINITE_RECURSION = YES; 185 | CLANG_WARN_INT_CONVERSION = YES; 186 | CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; 187 | CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; 188 | CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; 189 | CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; 190 | CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; 191 | CLANG_WARN_STRICT_PROTOTYPES = YES; 192 | CLANG_WARN_SUSPICIOUS_MOVE = YES; 193 | CLANG_WARN_UNREACHABLE_CODE = YES; 194 | CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; 195 | COPY_PHASE_STRIP = NO; 196 | DEBUG_INFORMATION_FORMAT = dwarf; 197 | ENABLE_STRICT_OBJC_MSGSEND = YES; 198 | ENABLE_TESTABILITY = YES; 199 | GCC_C_LANGUAGE_STANDARD = gnu99; 200 | GCC_DYNAMIC_NO_PIC = NO; 201 | GCC_NO_COMMON_BLOCKS = YES; 202 | GCC_OPTIMIZATION_LEVEL = 0; 203 | GCC_PREPROCESSOR_DEFINITIONS = ( 204 | "DEBUG=1", 205 | "$(inherited)", 206 | ); 207 | GCC_WARN_64_TO_32_BIT_CONVERSION = YES; 208 | GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; 209 | GCC_WARN_UNDECLARED_SELECTOR = YES; 210 | GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; 211 | GCC_WARN_UNUSED_FUNCTION = YES; 212 | GCC_WARN_UNUSED_VARIABLE = YES; 213 | MACOSX_DEPLOYMENT_TARGET = 10.13; 214 | MTL_ENABLE_DEBUG_INFO = YES; 215 | ONLY_ACTIVE_ARCH = YES; 216 | SDKROOT = macosx; 217 | }; 218 | name = Debug; 219 | }; 220 | 1509BDDB1B6543AC00E6E1F9 /* Release */ = { 221 | isa = XCBuildConfiguration; 222 | buildSettings = { 223 | ALWAYS_SEARCH_USER_PATHS = NO; 224 | CLANG_ANALYZER_LOCALIZABILITY_NONLOCALIZED = YES; 225 | CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; 226 | CLANG_CXX_LIBRARY = "libc++"; 227 | CLANG_ENABLE_MODULES = YES; 228 | CLANG_ENABLE_OBJC_ARC = YES; 229 | CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; 230 | CLANG_WARN_BOOL_CONVERSION = YES; 231 | CLANG_WARN_COMMA = YES; 232 | CLANG_WARN_CONSTANT_CONVERSION = YES; 233 | CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; 234 | CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; 235 | CLANG_WARN_EMPTY_BODY = YES; 236 | CLANG_WARN_ENUM_CONVERSION = YES; 237 | CLANG_WARN_INFINITE_RECURSION = YES; 238 | CLANG_WARN_INT_CONVERSION = YES; 239 | CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; 240 | CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; 241 | CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; 242 | CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; 243 | CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; 244 | CLANG_WARN_STRICT_PROTOTYPES = YES; 245 | CLANG_WARN_SUSPICIOUS_MOVE = YES; 246 | CLANG_WARN_UNREACHABLE_CODE = YES; 247 | CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; 248 | COPY_PHASE_STRIP = NO; 249 | DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; 250 | ENABLE_NS_ASSERTIONS = NO; 251 | ENABLE_STRICT_OBJC_MSGSEND = YES; 252 | GCC_C_LANGUAGE_STANDARD = gnu99; 253 | GCC_NO_COMMON_BLOCKS = YES; 254 | GCC_WARN_64_TO_32_BIT_CONVERSION = YES; 255 | GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; 256 | GCC_WARN_UNDECLARED_SELECTOR = YES; 257 | GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; 258 | GCC_WARN_UNUSED_FUNCTION = YES; 259 | GCC_WARN_UNUSED_VARIABLE = YES; 260 | MACOSX_DEPLOYMENT_TARGET = 10.13; 261 | MTL_ENABLE_DEBUG_INFO = NO; 262 | SDKROOT = macosx; 263 | }; 264 | name = Release; 265 | }; 266 | 1509BDDD1B6543AC00E6E1F9 /* Debug */ = { 267 | isa = XCBuildConfiguration; 268 | buildSettings = { 269 | CODE_SIGN_IDENTITY = "-"; 270 | COMBINE_HIDPI_IMAGES = YES; 271 | INFOPLIST_FILE = Unrootless/Info.plist; 272 | MACOSX_DEPLOYMENT_TARGET = 10.11; 273 | MODULE_NAME = de.linushenze.unrootless; 274 | MODULE_START = unrootless_start; 275 | MODULE_STOP = unrootless_stop; 276 | MODULE_VERSION = 1.0.1; 277 | PRODUCT_BUNDLE_IDENTIFIER = de.linushenze.unrootless; 278 | PRODUCT_NAME = Unrootless; 279 | SDKROOT = macosx; 280 | WRAPPER_EXTENSION = kext; 281 | }; 282 | name = Debug; 283 | }; 284 | 1509BDDE1B6543AC00E6E1F9 /* Release */ = { 285 | isa = XCBuildConfiguration; 286 | buildSettings = { 287 | CODE_SIGN_IDENTITY = "-"; 288 | COMBINE_HIDPI_IMAGES = YES; 289 | INFOPLIST_FILE = Unrootless/Info.plist; 290 | MACOSX_DEPLOYMENT_TARGET = 10.11; 291 | MODULE_NAME = de.linushenze.unrootless; 292 | MODULE_START = unrootless_start; 293 | MODULE_STOP = unrootless_stop; 294 | MODULE_VERSION = 1.0.1; 295 | PRODUCT_BUNDLE_IDENTIFIER = de.linushenze.unrootless; 296 | PRODUCT_NAME = Unrootless; 297 | SDKROOT = macosx; 298 | WRAPPER_EXTENSION = kext; 299 | }; 300 | name = Release; 301 | }; 302 | /* End XCBuildConfiguration section */ 303 | 304 | /* Begin XCConfigurationList section */ 305 | 1509BDCE1B6543AC00E6E1F9 /* Build configuration list for PBXProject "Unrootless" */ = { 306 | isa = XCConfigurationList; 307 | buildConfigurations = ( 308 | 1509BDDA1B6543AC00E6E1F9 /* Debug */, 309 | 1509BDDB1B6543AC00E6E1F9 /* Release */, 310 | ); 311 | defaultConfigurationIsVisible = 0; 312 | defaultConfigurationName = Release; 313 | }; 314 | 1509BDDC1B6543AC00E6E1F9 /* Build configuration list for PBXNativeTarget "Unrootless" */ = { 315 | isa = XCConfigurationList; 316 | buildConfigurations = ( 317 | 1509BDDD1B6543AC00E6E1F9 /* Debug */, 318 | 1509BDDE1B6543AC00E6E1F9 /* Release */, 319 | ); 320 | defaultConfigurationIsVisible = 0; 321 | defaultConfigurationName = Release; 322 | }; 323 | /* End XCConfigurationList section */ 324 | }; 325 | rootObject = 1509BDCB1B6543AC00E6E1F9 /* Project object */; 326 | } 327 | --------------------------------------------------------------------------------