Can I set an arbitrary nvram variable using rEFInd?

boot efi

Solution 1:

rEFInd will not let you set an arbitrary NVRAM variable directly but you can use EDK2 to compile a small EFI driver. This is described in the WikiLeaks document EFI Basics: NVRAM Variables

EFI drivers placed in rEFInd driver directory are loaded and run automatically - see The rEFInd Boot Manager: Using EFI Drivers. Alternatively you could write a EFI program rather than driver and then use a manual stanza in rEFInd to call a shell script to call this and then the bootloader.

Another (probably easier) method would be to modify rEFInd. You can see in the source how it sets the csr-active-config NVRAM variable to turn SIP on and off - apple.h defines the GUID:

// The constants related to Apple's System Integrity Protection (SIP)....
#define CSR_GUID { 0x7c436110, 0xab2a, 0x4bbb, { 0xa8, 0x80, 0xfe, 0x41, 0x99, 0x5c, 0x9f, 0x82 } };

apple.c calls the EfivarSetRaw() function in lib.c

Status = EfivarSetRaw(&CsrGuid, L"csr-active-config", (CHAR8 *) &TargetCsr, 4, TRUE);
if (Status == EFI_SUCCESS)
    RecordgCsrStatus(TargetCsr, TRUE);
else
    SPrint(gCsrStatus, 255, L" Error setting System Integrity Protection code.");

Other NVRAM updates could be made in the same way - there are various other GUID listed in the WikiLeaks link in the first paragraph.

If you want to pass a boot argument without updating NVRAM you can create a manual boot entry in rEFInd and specify the options in refind.conf. Additional options can be added using add_options - see the Creating Manual Boot Stanzas page of the documentation.

For example you can define submenu options like this and pick between them using F2 at boot.

menuentry "Catalina" {
    # Get loader GUID from macOS subvolume: diskutil info disk1s5|grep 'Volume UUID'
    icon \EFI\refind\themes\colourful\myicons\os_mac_silver.png
    volume "Preboot"
    loader \3B4B18C9-C57D-4F98-9168-C8D8B9F06EAD\System\Library\CoreServices\boot.efi
    submenuentry "Verbose" {
        add_options "-v"
    }
    submenuentry "Single User" {
        add_options "-v -s"
    }
    submenuentry "Safe Mode" {
        add_options "-v -x"
    }
    submenuentry "Recovery" {
        volume "Recovery"
        loader \3B4B18C9-C57D-4F98-9168-C8D8B9F06EAD\boot.efi
    }
}

Related

Resolution scaling and performance
macOS Catalina Homebrew mariadb Installation Issues
AppleScript: set Safari tab to specific index
Disable gatekeeper notarisation check without disabling SIP
How do I find which directories are taking up my inode count?
How to turn WiFi on\off based on location
MacBook Pro 13 will not recognize battery and will not charge after battery replacement
Where does an iPhone store the number of failed password entries?
macOS Catalina Downloading information to target volume failed ERROR
Mysterious Reply-To Header in Apple Mail
iPhone 11 erratic airplane mode
zsh (brew) and oh-my-zsh: Insecure completion-dependent directories detected (as root user)