I'm working on a Kext that runs under 10.12.4 VM (I use parallels) and I'd like to enable pointer printouts (currently all pointers are hidden and appears on /var/log/system.log as <ptr>)
Prior to 10.12 there was option to directly put away debugging restrictions by setting nvram csr-active-config=%ff%00%00%00. However, now it's impossible to set csr-active-config directly but through csrutil disable from recovery mode. unfortunately, it doesn't disable all SIP features and the pointers remain hidden.
luckily, the following thread that offers workaround :
Alternatively, CSR can be disabled entirely by setting csr-active-config=ff%00%00%00. For a VM this can be achieved by booting to the Recovery partition, running csrutil clear to delete the csr-active-config variable entirely and nvram Xsr-active-config=ff%00%00%00. Then shutdown the VM, and use a hex editor to change X -> c in the nvram file. This will allow the -show_pointers boot-arg to work.
I'm working with Parallels, and I try to find the location of nvram settings. I saw promising file called NVRAM.dat but unfortunately
I couldn't trace the string Xsr-active-config after I've followed the instructions in the quoted paragraph above.
Perhaps there's another place for the nvram settings ?
thanks
I don't have a direct answer to your question, but I have a workaround: the output to the kprintf() serial log is not pointer-sanitised. So if you enable the kprintf flag in the debug boot-args, activate a virtual serial port which writes to a host file in the VM setup and change your logging from printf/IOLog to kprintf, you can get raw logging to your serial port file.
I find the kprintf() logging mechanism more helpful than the kernel syslog in other ways too - it works right up to a panic, it's not rate-limited, and it's less noisy. The downside is it has a noticeable performance impact if you log a lot.