int csrutil_EntryPoint(int arg0, int arg1) { rsi = arg1; r15 = rsi;

1. int csrutil_EntryPoint(int arg0, int arg1) {
2. rsi = arg1;
3. r15 = rsi;
4. r12 = arg0;
5. if (r12 == 0x1) goto loc_100001f05;
6.  
7. loc_10000184d:
8. rbx = *(r15 + 0x8);
9. if (strcmp(rbx, "clear") == 0x0) goto loc_10000193f;
10.  
11. loc_100001868:
12. r14 = r12 - 0x1;
13. if (strcmp(rbx, "disable") == 0x0) goto loc_100001965;
14.  
15. loc_100001884:
16. r15 = r15 + 0x8;
17. if (strcmp(rbx, "enable") == 0x0) goto loc_1000019e4;
18.  
19. loc_10000189f:
20. if (strcmp(rbx, "netboot") == 0x0) goto loc_100001b85;
21.  
22. loc_1000018b6:
23. if (strcmp(rbx, "report") == 0x0) goto loc_100001b92;
24.  
25. loc_1000018cd:
26. if (strcmp(rbx, "status") != 0x0) goto loc_100001f62;
27.  
28. loc_1000018e4:
29. var_B4 = 0x0;
30. rax = csr_get_active_config(&var_B4, "status");
31. if (rax != 0x0) goto loc_100001f4f;
32.  
33. loc_1000018fe:
34. printf("System Integrity Protection status: ");
35. rax = var_B4;
36. if (rax <= 0x66) {
37. if (rax != 0x0) {
38. if (rax == 0x10) {
39. rsi = "status";
40. rdi = "enabled (Apple Internal).";
41. }
42. else {
43. puts("enabled (Custom Configuration).\n");
44. puts("Configuration:");
45. rsi = "disabled";
46. if ((var_B4 & 0x10) != 0x0) {
47. rsi = "enabled";
48. }
49. printf("\tApple Internal: %s\n", rsi);
50. rbx = 0x10;
51. do {
52. rsi = *(rbx + objc_cls_ref_NSMutableArray);
53. rdx = "enabled";
54. if ((var_B4 & *(int32_t *)(rbx + 0x1000032a0)) != 0x0) {
55. rdx = "disabled";
56. }
57. printf("\t%s: %s\n", rsi, rdx);
58. rbx = rbx + 0x18;
59. } while (rbx != 0xa0);
60. rdi = "\nThis is an unsupported configuration, likely to break in the future and leave your machine in an unknown state.";
61. }
62. }
63. else {
64. rsi = "status";
65. rdi = "enabled.";
66. }
67. }
68. else {
69. if (rax != 0x67) {
70. if (rax == 0x77) {
71. rsi = "status";
72. rdi = "disabled (Apple Internal).";
73. }
74. else {
75. puts("enabled (Custom Configuration).\n");
76. puts("Configuration:");
77. rsi = "disabled";
78. if ((var_B4 & 0x10) != 0x0) {
79. rsi = "enabled";
80. }
81. printf("\tApple Internal: %s\n", rsi);
82. rbx = 0x10;
83. do {
84. rsi = *(rbx + objc_cls_ref_NSMutableArray);
85. rdx = "enabled";
86. if ((var_B4 & *(int32_t *)(rbx + 0x1000032a0)) != 0x0) {
87. rdx = "disabled";
88. }
89. printf("\t%s: %s\n", rsi, rdx);
90. rbx = rbx + 0x18;
91. } while (rbx != 0xa0);
92. rdi = "\nThis is an unsupported configuration, likely to break in the future and leave your machine in an unknown state.";
93. }
94. }
95. else {
96. rsi = "status";
97. rdi = "disabled.";
98. }
99. }
100. puts(rdi);
101. r15 = [sub_1000020f6(rdi, rsi, rdx, rcx) retain];
102. if (r15 == 0x0) goto loc_100001f4f;
103.  
104. loc_100001cfb:
105. rbx = [[r15 objectForKeyedSubscript:@"netboot-sources"] retain];
106. r12 = [rbx count];
107. [rbx release];
108. if (r12 != 0x0) {
109. putchar(0xa);
110. puts("Allowed NetBoot sources:");
111. *(int128_t *)(&var_120 + 0x30) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x30), 0x0);
112. *(int128_t *)(&var_120 + 0x20) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x20), 0x0);
113. *(int128_t *)(&var_120 + 0x10) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x10), 0x0);
114. var_120 = intrinsic_movaps(var_120, 0x0);
115. var_C8 = r15;
116. rax = [r15 objectForKeyedSubscript:@"netboot-sources"];
117. rax = [rax retain];
118. var_C0 = rax;
119. rax = [rax countByEnumeratingWithState:&var_120 objects:&var_B0 count:0x10];
120. rbx = rax;
121. if (rbx != 0x0) {
122. r13 = *_objc_msgSend;
123. r15 = **(&var_120 + 0x10);
124. do {
125. r14 = r13;
126. r13 = 0x0;
127. do {
128. if (*var_110 != r15) {
129. objc_enumerationMutation(var_C0);
130. }
131. printf(" %s\n", (r14)(objc_retainAutorelease(*(var_118 + r13 * 0x8)), @selector(UTF8String)));
132. r13 = r13 + 0x1;
133. } while (r13 < rbx);
134. r13 = r14;
135. rax = (r13)(var_C0, @selector(countByEnumeratingWithState:objects:count:), &var_120, &var_B0, 0x10);
136. rbx = rax;
137. } while (rbx != 0x0);
138. }
139. [var_C0 release];
140. r15 = var_C8;
141. }
142. [r15 release];
143. goto loc_100001b5d;
144.  
145. loc_100001b5d:
146. if (**___stack_chk_guard == **___stack_chk_guard) {
147. rax = 0x0;
148. }
149. else {
150. rax = __stack_chk_fail();
151. }
152. return rax;
153.  
154. loc_100001f4f:
155. rax = errx(0x45, "failed to retrieve system integrity configuration.");
156. return rax;
157.  
158. loc_100001f62:
159. rdi = "invalid command %s";
160. goto loc_100001edc;
161.  
162. loc_100001edc:
163. sub_100001744(rdi, rbx, rdx, rcx, r8, r9, var_120);
164. goto loc_100001ee6;
165.  
166. loc_100001ee6:
167. rsi = r13;
168. sub_100001744("invalid option %s.", rsi, rdx, rcx, r8, r9, var_120);
169. goto loc_100001ef7;
170.  
171. loc_100001ef7:
172. sub_100001744("--without requires an argument.", rsi, rdx, rcx, r8, r9, var_120);
173. goto loc_100001f05;
174.  
175. loc_100001f05:
176. sub_100001744(0x0, rsi, rdx, rcx, r8, r9, var_120);
177. rax = __stack_chk_fail();
178. return rax;
179.  
180. loc_100001b92:
181. var_B0 = 0x0;
182. rax = csr_get_active_config(&var_B0, "report");
183. if (rax != 0x0) goto loc_100001f4f;
184.  
185. loc_100001bac:
186. r14 = msgtracer_domain_new("com.apple.security.csr-config", "report");
187. if (r14 == 0x0) goto loc_100001f6e;
188.  
189. loc_100001bcb:
190. rbx = msgtracer_msg_new(r14, "report");
191. if (rbx == 0x0) goto loc_100001f77;
192.  
193. loc_100001bdf:
194. rax = var_B0;
195. msgtracer_set(rbx, "com.apple.message.signature");
196. msgtracer_log(rbx, 0x5, "");
197. msgtracer_msg_free(rbx);
198. msgtracer_domain_free(r14);
199. goto loc_100001b5d;
200.  
201. loc_100001f77:
202. rsi = "failed to create report message.";
203. goto loc_100001f7e;
204.  
205. loc_100001f7e:
206. rax = errx(0x47, rsi);
207. return rax;
208.  
209. loc_100001f6e:
210. rsi = "failed to create reporting domain.";
211. goto loc_100001f7e;
212.  
213. loc_100001b85:
214. sub_1000011f6(r14, r15);
215. goto loc_100001b5d;
216.  
217. loc_1000019e4:
218. var_B0 = 0x0;
219. rax = csr_get_active_config(&var_B0);
220. rdi = 0x10;
221. if (rax == 0x0) {
222. rdi = 0x200 & var_B0 | 0x10;
223. }
224. if (r14 < 0x2) goto loc_100001b44;
225.  
226. loc_100001a17:
227. var_E0 = r12 - 0x2;
228. rax = 0x1;
229. var_D8 = r15;
230. var_CC = r14;
231. goto loc_100001a3c;
232.  
233. loc_100001a3c:
234. var_C8 = rdi;
235. var_C0 = rax;
236. r13 = sign_extend_64(rax);
237. rbx = *(r15 + r13 * 0x8);
238. if (strcmp(rbx, "--no-internal") == 0x0) goto loc_100001b2a;
239.  
240. loc_100001a66:
241. if (strcmp(rbx, "--without") != 0x0) goto loc_100001ed5;
242.  
243. loc_100001a7d:
244. rsi = "--without";
245. if (var_C0 == var_E0) goto loc_100001ef7;
246.  
247. loc_100001a8f:
248. r14 = 0x0;
249. warnx("requesting an unsupported configuration. This is likely to break in the future and leave your machine in an unknown state.");
250. rbx = strtok(*(r15 + r13 * 0x8 + 0x8), ",");
251. if (rbx == 0x0) goto loc_100001b09;
252.  
253. loc_100001ab9:
254. r14 = 0x0;
255. goto loc_100001abc;
256.  
257. loc_100001abc:
258. r15 = 0x10;
259. r13 = 0x0;
260. do {
261. if (strcmp(*(r15 + objc_cls_ref_NSString), rbx) == 0x0) {
262. r13 = *(int32_t *)(r15 + 0x1000032a0);
263. }
264. r15 = r15 + 0x18;
265. } while (r15 != 0xa0);
266. if (r13 == 0x0) goto loc_100001ed5;
267.  
268. loc_100001af0:
269. r14 = r14 | r13;
270. rbx = strtok(0x0, ",");
271. if (rbx != 0x0) goto loc_100001abc;
272.  
273. loc_100001b09:
274. rax = var_C0 + 0x1;
275. rdi = var_C8 | r14;
276. r15 = var_D8;
277. r14 = var_CC;
278. goto loc_100001b39;
279.  
280. loc_100001b39:
281. rax = rax + 0x1;
282. if (rax < r14) goto loc_100001a3c;
283.  
284. loc_100001b44:
285. if (sub_100001ff8(rdi) != 0x0) goto loc_100001f13;
286.  
287. loc_100001b51:
288. rdi = "Successfully enabled System Integrity Protection. Please restart the machine for the changes to take effect.";
289. goto loc_100001b58;
290.  
291. loc_100001b58:
292. puts(rdi);
293. goto loc_100001b5d;
294.  
295. loc_100001f13:
296. rsi = "failed to modify system integrity configuration. This tool needs to be executed from the Recovery OS.";
297. goto loc_100001f23;
298.  
299. loc_100001f23:
300. rax = errx(0x4d, rsi);
301. return rax;
302.  
303. loc_100001ed5:
304. rdi = "invalid option %s.";
305. goto loc_100001edc;
306.  
307. loc_100001b2a:
308. rdi = var_C8 & 0xffffffef;
309. rax = var_C0;
310. goto loc_100001b39;
311.  
312. loc_100001965:
313. var_B0 = 0x0;
314. rax = csr_get_active_config(&var_B0, "disable");
315. r12 = 0x77;
316. if (rax == 0x0) {
317. r12 = 0x200 & var_B0 | 0x77;
318. }
319. if (r14 < 0x2) goto loc_1000019c8;
320.  
321. loc_100001998:
322. r14 = sign_extend_64(r14);
323. rbx = 0x1;
324. goto loc_1000019a0;
325.  
326. loc_1000019a0:
327. r13 = *(r15 + rbx * 0x8 + 0x8);
328. if (strcmp(r13, "--no-internal") != 0x0) goto loc_100001ee6;
329.  
330. loc_1000019bc:
331. r12 = r12 & 0xffffffef;
332. rbx = rbx + 0x1;
333. if (rbx < r14) goto loc_1000019a0;
334.  
335. loc_1000019c8:
336. if (sub_100001ff8(r12) != 0x0) goto loc_100001f13;
337.  
338. loc_1000019d8:
339. rdi = "Successfully disabled System Integrity Protection. Please restart the machine for the changes to take effect.";
340. goto loc_100001b58;
341.  
342. loc_10000193f:
343. if (geteuid() != 0x0) goto loc_100001f1c;
344.  
345. loc_10000194c:
346. rax = sub_100001f8a();
347. if (rax != 0x0) goto loc_100001f2f;
348.  
349. loc_100001959:
350. rdi = "Successfully cleared System Integrity Protection. Please restart the machine for the changes to take effect.";
351. goto loc_100001b58;
352.  
353. loc_100001f2f:
354. rax = errx(0x4d, "failed to clear system integrity configuration. %s", mach_error_string(rax));
355. return rax;
356.  
357. loc_100001f1c:
358. rsi = "failed to clear system integrity configuration. This tool needs to be run as root.";
359. goto loc_100001f23;
360. }