1 | #ifndef libTrustCache_TypesConfig_h |
2 | #define libTrustCache_TypesConfig_h |
3 | |
4 | #include <sys/cdefs.h> |
5 | __BEGIN_DECLS |
6 | |
7 | #include <TrustCache/Types.h> |
8 | |
9 | #if XNU_KERNEL_PRIVATE |
10 | /* |
11 | * The AppleImage4 API definitions are accessed through the 'img4if' indirection |
12 | * layer within XNU itself. Kernel extensions can access them directly from the |
13 | * AppleImage4 headers. |
14 | */ |
15 | #include <libkern/img4/interface.h> |
16 | #endif |
17 | |
18 | #if !XNU_KERNEL_PRIVATE |
19 | /* |
20 | * XNU does not make this header available and uses different availability macros |
21 | * than kernel extensions or base user-space applications. |
22 | */ |
23 | #include <TargetConditionals.h> |
24 | #endif |
25 | |
26 | #pragma mark Chip Environments |
27 | |
28 | static const img4_chip_t* |
29 | chipEnvironmentPersonalized(void) { |
30 | return img4_chip_select_personalized_ap(); |
31 | } |
32 | |
33 | static const img4_chip_t* |
34 | chipEnvironmentCategorized(void) { |
35 | return img4_chip_select_categorized_ap(); |
36 | } |
37 | |
38 | static const img4_chip_t* |
39 | chipEnvironmentGlobalFF00(void) { |
40 | return IMG4_CHIP_AP_SOFTWARE_FF00; |
41 | } |
42 | |
43 | static const img4_chip_t* |
44 | chipEnvironmentGlobalFF01(void) { |
45 | return IMG4_CHIP_AP_SOFTWARE_FF01; |
46 | } |
47 | |
48 | static const img4_chip_t* |
49 | chipEnvironmentGlobalFF06(void) { |
50 | return IMG4_CHIP_AP_SOFTWARE_FF06; |
51 | } |
52 | |
53 | static const img4_chip_t* |
54 | chipEnvironmentEphemeralCryptex(void) { |
55 | return IMG4_CHIP_AP_SUPPLEMENTAL; |
56 | } |
57 | |
58 | static const img4_chip_t* |
59 | chipEnvironmentCryptex1Boot(void) { |
60 | #if IMG4_API_VERSION >= 20211126 |
61 | return img4_chip_select_cryptex1_boot(); |
62 | #else |
63 | return NULL; |
64 | #endif |
65 | } |
66 | |
67 | static const img4_chip_t* |
68 | chipEnvironmentCryptex1PreBoot(void) { |
69 | #if IMG4_API_VERSION >= 20211126 |
70 | return img4_chip_select_cryptex1_preboot(); |
71 | #else |
72 | return NULL; |
73 | #endif |
74 | } |
75 | |
76 | static const img4_chip_t* |
77 | chipEnvironmentCryptex1MobileAsset(void) { |
78 | #if IMG4_API_VERSION >= 20211126 |
79 | return IMG4_CHIP_CRYPTEX1_ASSET; |
80 | #else |
81 | return NULL; |
82 | #endif |
83 | } |
84 | |
85 | static const img4_chip_t* |
86 | chipEnvironmentSafariDownlevel(void) { |
87 | #if IMG4_API_VERSION >= 20211126 |
88 | return IMG4_CHIP_CRYPTEX1_BOOT_REDUCED; |
89 | #else |
90 | return NULL; |
91 | #endif |
92 | } |
93 | |
94 | static const img4_chip_t* |
95 | chipEnvironmentSupplemental(void) { |
96 | return IMG4_CHIP_AP_SUPPLEMENTAL; |
97 | } |
98 | |
99 | static const img4_chip_t* |
100 | chipEnvironmentCryptex1Generic(void) { |
101 | #if IMG4_API_VERSION >= 20221202 |
102 | return IMG4_CHIP_CRYPTEX1_GENERIC; |
103 | #else |
104 | return NULL; |
105 | #endif |
106 | } |
107 | |
108 | static const img4_chip_t* |
109 | chipEnvironmentCryptex1GenericSupplemental(void) { |
110 | #if IMG4_API_VERSION >= 20221202 |
111 | return IMG4_CHIP_CRYPTEX1_GENERIC_SUPPLEMENTAL; |
112 | #else |
113 | return NULL; |
114 | #endif |
115 | } |
116 | |
117 | #pragma mark Nonce Domains |
118 | |
119 | static const img4_nonce_domain_t* |
120 | nonceDomainTrustCache(void) { |
121 | return IMG4_NONCE_DOMAIN_TRUST_CACHE; |
122 | } |
123 | |
124 | static const img4_nonce_domain_t* |
125 | nonceDomainDDI(void) { |
126 | return IMG4_NONCE_DOMAIN_DDI; |
127 | } |
128 | |
129 | static const img4_nonce_domain_t* |
130 | nonceDomainCryptex(void) { |
131 | return IMG4_NONCE_DOMAIN_CRYPTEX; |
132 | } |
133 | |
134 | static const img4_nonce_domain_t* |
135 | nonceDomainEphemeralCryptex(void) { |
136 | return IMG4_NONCE_DOMAIN_EPHEMERAL_CRYPTEX; |
137 | } |
138 | |
139 | static const img4_nonce_domain_t* |
140 | nonceDomainPDI(void) { |
141 | return IMG4_NONCE_DOMAIN_PDI; |
142 | } |
143 | |
144 | #pragma mark Firmware Flags |
145 | |
146 | static img4_firmware_flags_t |
147 | firmwareFlagsDTRS(void) { |
148 | return IMG4_FIRMWARE_FLAG_RESPECT_AMNM; |
149 | } |
150 | |
151 | static img4_firmware_flags_t |
152 | firmwareFlagsSplat(void) { |
153 | #if XNU_TARGET_OS_OSX && (defined(__arm__) || defined(__arm64__)) |
154 | return IMG4_FIRMWARE_FLAG_SUBSEQUENT_STAGE; |
155 | #elif defined(TARGET_OS_OSX) && TARGET_OS_OSX && (TARGET_CPU_ARM || TARGET_CPU_ARM64) |
156 | return IMG4_FIRMWARE_FLAG_SUBSEQUENT_STAGE; |
157 | #else |
158 | return IMG4_FIRMWARE_FLAG_INIT; |
159 | #endif |
160 | } |
161 | |
162 | #pragma mark Type Configuration |
163 | |
164 | typedef struct _TrustCacheTypeConfig { |
165 | /* Chip environment to use for validation */ |
166 | const img4_chip_t* (*chipEnvironment)(void); |
167 | |
168 | /* Nonce domain for anti-replay */ |
169 | const img4_nonce_domain_t* (*nonceDomain)(void); |
170 | |
171 | /* Four CC identifier for this type */ |
172 | img4_4cc_t fourCC; |
173 | |
174 | /* Firmware flags to add for this configuration */ |
175 | img4_firmware_flags_t (*firmwareFlags)(void); |
176 | |
177 | /* |
178 | * Higher level policy imposes restrictions on which process can load |
179 | * which trust cache. These restrictions are enforced through the use |
180 | * of the entitlement "com.apple.private.pmap.load-trust-cache". The |
181 | * value here is the required value of the above entitlement. |
182 | */ |
183 | const char *entitlementValue; |
184 | } TrustCacheTypeConfig_t; |
185 | |
186 | #pragma GCC diagnostic push |
187 | #pragma GCC diagnostic ignored "-Wfour-char-constants" |
188 | |
189 | static const TrustCacheTypeConfig_t TCTypeConfig[kTCTypeTotal] = { |
190 | /* Static trust caches are loaded as raw modules */ |
191 | [kTCTypeStatic] = { |
192 | .chipEnvironment = NULL, |
193 | .nonceDomain = NULL, |
194 | .fourCC = 0, |
195 | .firmwareFlags = NULL, |
196 | .entitlementValue = NULL |
197 | }, |
198 | |
199 | /* Engineering trust caches are loaded as raw modules */ |
200 | [kTCTypeEngineering] = { |
201 | .chipEnvironment = NULL, |
202 | .nonceDomain = NULL, |
203 | .fourCC = 0, |
204 | .firmwareFlags = NULL, |
205 | .entitlementValue = NULL |
206 | }, |
207 | |
208 | /* Legacy trust caches are loaded as raw modules */ |
209 | [kTCTypeLegacy] = { |
210 | .chipEnvironment = NULL, |
211 | .nonceDomain = NULL, |
212 | .fourCC = 0, |
213 | .firmwareFlags = NULL, |
214 | .entitlementValue = NULL |
215 | }, |
216 | |
217 | [kTCTypeDTRS] = { |
218 | .chipEnvironment = chipEnvironmentPersonalized, |
219 | .nonceDomain = NULL, |
220 | .fourCC = 'dtrs', |
221 | .firmwareFlags = firmwareFlagsDTRS, |
222 | .entitlementValue = "personalized.engineering-root" |
223 | }, |
224 | |
225 | [kTCTypeLTRS] = { |
226 | .chipEnvironment = chipEnvironmentPersonalized, |
227 | .nonceDomain = nonceDomainTrustCache, |
228 | .fourCC = 'ltrs', |
229 | .firmwareFlags = NULL, |
230 | .entitlementValue = "personalized.trust-cache" |
231 | }, |
232 | |
233 | [kTCTypePersonalizedDiskImage] = { |
234 | .chipEnvironment = chipEnvironmentPersonalized, |
235 | .nonceDomain = nonceDomainPDI, |
236 | .fourCC = 'ltrs', |
237 | .firmwareFlags = NULL, |
238 | .entitlementValue = "personalized.pdi" |
239 | }, |
240 | |
241 | [kTCTypeDeveloperDiskImage] = { |
242 | .chipEnvironment = chipEnvironmentCategorized, |
243 | .nonceDomain = nonceDomainDDI, |
244 | .fourCC = 'trdv', |
245 | .firmwareFlags = NULL, |
246 | .entitlementValue = "personalized.ddi" |
247 | }, |
248 | |
249 | [kTCTypeLTRSWithDDINonce] = { |
250 | .chipEnvironment = chipEnvironmentPersonalized, |
251 | .nonceDomain = nonceDomainDDI, |
252 | .fourCC = 'ltrs', |
253 | .firmwareFlags = NULL, |
254 | .entitlementValue = "personalized.ddi" |
255 | }, |
256 | |
257 | [kTCTypeCryptex] = { |
258 | .chipEnvironment = chipEnvironmentPersonalized, |
259 | .nonceDomain = nonceDomainCryptex, |
260 | .fourCC = 'ltrs', |
261 | .firmwareFlags = NULL, |
262 | .entitlementValue = "personalized.cryptex-research" |
263 | }, |
264 | |
265 | [kTCTypeEphemeralCryptex] = { |
266 | .chipEnvironment = chipEnvironmentEphemeralCryptex, |
267 | .nonceDomain = nonceDomainEphemeralCryptex, |
268 | .fourCC = 'ltrs', |
269 | .firmwareFlags = NULL, |
270 | .entitlementValue = "personalized.ephemeral-cryptex" |
271 | }, |
272 | |
273 | [kTCTypeUpdateBrain] = { |
274 | .chipEnvironment = chipEnvironmentGlobalFF00, |
275 | .nonceDomain = NULL, |
276 | .fourCC = 'ltrs', |
277 | .firmwareFlags = NULL, |
278 | .entitlementValue = "global.ota-update-brain" |
279 | }, |
280 | |
281 | [kTCTypeInstallAssistant] = { |
282 | .chipEnvironment = chipEnvironmentGlobalFF01, |
283 | .nonceDomain = NULL, |
284 | .fourCC = 'ltrs', |
285 | .firmwareFlags = NULL, |
286 | .entitlementValue = "global.install-assistant" |
287 | }, |
288 | |
289 | [kTCTypeBootabilityBrain] = { |
290 | .chipEnvironment = chipEnvironmentGlobalFF06, |
291 | .nonceDomain = NULL, |
292 | .fourCC = 'trbb', |
293 | .firmwareFlags = NULL, |
294 | .entitlementValue = "global.bootability-brain" |
295 | }, |
296 | |
297 | [kTCTypeCryptex1BootOS] = { |
298 | .chipEnvironment = chipEnvironmentCryptex1Boot, |
299 | .nonceDomain = NULL, |
300 | .fourCC = 'trcs', |
301 | .firmwareFlags = firmwareFlagsSplat, |
302 | .entitlementValue = "cryptex1.boot.os" |
303 | }, |
304 | |
305 | [kTCTypeCryptex1BootApp] = { |
306 | .chipEnvironment = chipEnvironmentCryptex1Boot, |
307 | .nonceDomain = NULL, |
308 | .fourCC = 'trca', |
309 | .firmwareFlags = firmwareFlagsSplat, |
310 | .entitlementValue = "cryptex1.boot.app" |
311 | }, |
312 | |
313 | [kTCTypeCryptex1PreBootApp] = { |
314 | .chipEnvironment = chipEnvironmentCryptex1PreBoot, |
315 | .nonceDomain = NULL, |
316 | .fourCC = 'trca', |
317 | .firmwareFlags = firmwareFlagsSplat, |
318 | .entitlementValue = "cryptex1.preboot.app" |
319 | }, |
320 | |
321 | [kTCTypeGlobalDiskImage] = { |
322 | .chipEnvironment = chipEnvironmentGlobalFF00, |
323 | .nonceDomain = NULL, |
324 | .fourCC = 'ltrs', |
325 | .firmwareFlags = NULL, |
326 | .entitlementValue = "global.pdi" |
327 | }, |
328 | |
329 | [kTCTypeMobileAssetBrain] = { |
330 | .chipEnvironment = chipEnvironmentCryptex1MobileAsset, |
331 | .nonceDomain = NULL, |
332 | .fourCC = 'trab', |
333 | .firmwareFlags = NULL, |
334 | .entitlementValue = "personalized.mobile-asset-brain" |
335 | }, |
336 | |
337 | [kTCTypeSafariDownlevel] = { |
338 | .chipEnvironment = chipEnvironmentSafariDownlevel, |
339 | .nonceDomain = NULL, |
340 | .fourCC = 'trca', |
341 | .firmwareFlags = NULL, |
342 | .entitlementValue = "cryptex1.safari-downlevel" |
343 | }, |
344 | |
345 | [kTCTypeCryptex1PreBootOS] = { |
346 | .chipEnvironment = chipEnvironmentCryptex1PreBoot, |
347 | .nonceDomain = NULL, |
348 | .fourCC = 'trcs', |
349 | .firmwareFlags = firmwareFlagsSplat, |
350 | .entitlementValue = "cryptex1.preboot.os" |
351 | }, |
352 | |
353 | [kTCTypeSupplementalPersistent] = { |
354 | .chipEnvironment = chipEnvironmentSupplemental, |
355 | .nonceDomain = nonceDomainDDI, |
356 | .fourCC = 'ltrs', |
357 | .firmwareFlags = NULL, |
358 | .entitlementValue = "personalized.supplemental-persistent" |
359 | }, |
360 | |
361 | [kTCTypeSupplementalEphemeral] = { |
362 | .chipEnvironment = chipEnvironmentSupplemental, |
363 | .nonceDomain = nonceDomainPDI, |
364 | .fourCC = 'ltrs', |
365 | .firmwareFlags = NULL, |
366 | .entitlementValue = "personalized.supplemental-ephemeral" |
367 | }, |
368 | |
369 | [kTCTypeCryptex1Generic] = { |
370 | .chipEnvironment = chipEnvironmentCryptex1Generic, |
371 | .nonceDomain = NULL, |
372 | .fourCC = 'gtcd', |
373 | .firmwareFlags = NULL, |
374 | .entitlementValue = "cryptex1.generic" |
375 | }, |
376 | |
377 | [kTCTypeCryptex1GenericSupplemental] = { |
378 | .chipEnvironment = chipEnvironmentCryptex1GenericSupplemental, |
379 | .nonceDomain = NULL, |
380 | .fourCC = 'gtcd', |
381 | .firmwareFlags = NULL, |
382 | .entitlementValue = "cryptex1.generic.supplemental" |
383 | } |
384 | }; |
385 | |
386 | #pragma GCC diagnostic pop |
387 | |
388 | __END_DECLS |
389 | #endif /* libTrustCache_TypesConfig_h */ |
390 | |