1 | /*! |
2 | * @header |
3 | * AP chip environments. |
4 | */ |
5 | #ifndef __IMG4_CHIP_AP_H |
6 | #define __IMG4_CHIP_AP_H |
7 | |
8 | #ifndef __IMG4_INDIRECT |
9 | #error "Please #include <img4/firmware.h> instead of this file directly" |
10 | #endif // __IMG4_INDIRECT |
11 | |
12 | __BEGIN_DECLS |
13 | OS_ASSUME_NONNULL_BEGIN |
14 | OS_ASSUME_PTR_ABI_SINGLE_BEGIN |
15 | |
16 | /*! |
17 | * @const IMG4_CHIP_AP_SHA1 |
18 | * The Application Processor on an Apple ARM SoC with an embedded sha1 |
19 | * certificate chain. |
20 | * |
21 | * This chip environment represents one unique instance of such a chip. NOTE(review): SHA-1 is no longer considered collision-resistant; presumably this environment exists only for hardware that carries such a chain -- confirm before selecting it in new code. |
22 | */ |
23 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
24 | IMG4_API_AVAILABLE_20200508 |
25 | OS_EXPORT |
26 | const img4_chip_t _img4_chip_ap_sha1; |
27 | #define IMG4_CHIP_AP_SHA1 (&_img4_chip_ap_sha1) |
28 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_sha1 field of img4if->i4if_v7; img4if is not declared in this header */ |
29 | #define IMG4_CHIP_AP_SHA1 (img4if->i4if_v7.chip_ap_sha1) |
30 | #endif /* !XNU_KERNEL_PRIVATE */ |
31 | |
32 | /*! |
33 | * @const IMG4_CHIP_AP_SHA2_384 |
34 | * The Application Processor on an Apple ARM SoC with an embedded sha2-384 |
35 | * certificate chain. |
36 | * |
37 | * This chip environment represents one unique instance of such a chip. |
38 | */ |
39 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
40 | IMG4_API_AVAILABLE_20200508 |
41 | OS_EXPORT |
42 | const img4_chip_t _img4_chip_ap_sha2_384; |
43 | #define IMG4_CHIP_AP_SHA2_384 (&_img4_chip_ap_sha2_384) |
44 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_sha2_384 field of img4if->i4if_v7; img4if is not declared in this header */ |
45 | #define IMG4_CHIP_AP_SHA2_384 (img4if->i4if_v7.chip_ap_sha2_384) |
46 | #endif /* !XNU_KERNEL_PRIVATE */ |
47 | |
48 | /*! |
49 | * @const IMG4_CHIP_AP_HYBRID |
50 | * An Intel x86 processor whose chain of trust is rooted in an instance of a |
51 | * {@link IMG4_CHIP_AP_SHA2_384} chip. Firmwares executed on this chip are |
52 | * authenticated against the characteristics of the corresponding AP chip |
53 | * environment and not the characteristics of the x86 processor. |
54 | * |
55 | * This chip environment represents one unique instance of such a chip pair. |
56 | */ |
57 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
58 | IMG4_API_AVAILABLE_20200508 |
59 | OS_EXPORT |
60 | const img4_chip_t _img4_chip_ap_hybrid; |
61 | #define IMG4_CHIP_AP_HYBRID (&_img4_chip_ap_hybrid) |
62 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_hybrid field of img4if->i4if_v7; img4if is not declared in this header */ |
63 | #define IMG4_CHIP_AP_HYBRID (img4if->i4if_v7.chip_ap_hybrid) |
64 | #endif /* !XNU_KERNEL_PRIVATE */ |
65 | |
66 | /*! |
67 | * @const IMG4_CHIP_AP_REDUCED |
68 | * An Application Processor on an Apple ARM SoC operating in a reduced security |
69 | * configuration. |
70 | * |
71 | * This chip cannot be uniquely identified. NOTE(review): presumably this means a successful authentication cannot be tied to one specific device -- confirm before relying on it for per-device decisions. |
72 | */ |
73 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
74 | IMG4_API_AVAILABLE_20200508 |
75 | OS_EXPORT |
76 | const img4_chip_t _img4_chip_ap_reduced; |
77 | #define IMG4_CHIP_AP_REDUCED (&_img4_chip_ap_reduced) |
78 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_reduced field of img4if->i4if_v7; img4if is not declared in this header */ |
79 | #define IMG4_CHIP_AP_REDUCED (img4if->i4if_v7.chip_ap_reduced) |
80 | #endif /* !XNU_KERNEL_PRIVATE */ |
81 | |
82 | /*! |
83 | * @const IMG4_CHIP_AP_PERMISSIVE |
84 | * An Application Processor on an Apple ARM SoC operating entirely within the |
85 | * user's authority. |
86 | * |
87 | * This chip's identity is rooted in a device-specific authority rather than one |
88 | * maintained by Apple. As described, a payload that authenticates against this environment is therefore not shown to be Apple-signed; callers should not treat the two as equivalent. |
89 | */ |
90 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
91 | IMG4_API_AVAILABLE_20200508 |
92 | OS_EXPORT |
93 | const img4_chip_t _img4_chip_ap_permissive; |
94 | #define IMG4_CHIP_AP_PERMISSIVE (&_img4_chip_ap_permissive) |
95 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_permissive field of img4if->i4if_v8; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v8 fields -- confirm */ |
96 | #define IMG4_CHIP_AP_PERMISSIVE (img4if->i4if_v8.chip_ap_permissive) |
97 | #endif /* !XNU_KERNEL_PRIVATE */ |
98 | |
99 | /*! |
100 | * @const IMG4_CHIP_AP_LOCAL_BLESSED |
101 | * An Application Processor on an Apple ARM SoC which is executing payloads from |
102 | * a future local policy that has not yet booted. |
103 | */ |
104 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
105 | IMG4_API_AVAILABLE_20220513 |
106 | OS_EXPORT |
107 | const img4_chip_t _img4_chip_ap_local_blessed; |
108 | #define IMG4_CHIP_AP_LOCAL_BLESSED (&_img4_chip_ap_local_blessed) |
109 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_local_blessed field of img4if->i4if_v18; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v18 fields -- confirm */ |
110 | #define IMG4_CHIP_AP_LOCAL_BLESSED (img4if->i4if_v18.chip_ap_local_blessed) |
111 | #endif /* !XNU_KERNEL_PRIVATE */ |
112 | |
113 | /*! |
114 | * @const IMG4_CHIP_AP_HYBRID_MEDIUM |
115 | * An Intel x86 processor whose chain of trust is rooted in an instance of a |
116 | * {@link IMG4_CHIP_AP_SHA2_384} chip and is operating in a "medium security" |
117 | * mode due to a user-approved security degradation. |
118 | * |
119 | * This chip cannot be uniquely identified. NOTE(review): presumably this means a successful authentication cannot be tied to one specific device -- confirm before relying on it for per-device decisions. |
120 | */ |
121 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
122 | IMG4_API_AVAILABLE_20200508 |
123 | OS_EXPORT |
124 | const img4_chip_t _img4_chip_ap_hybrid_medium; |
125 | #define IMG4_CHIP_AP_HYBRID_MEDIUM (&_img4_chip_ap_hybrid_medium) |
126 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_hybrid_medium field of img4if->i4if_v8; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v8 fields -- confirm */ |
127 | #define IMG4_CHIP_AP_HYBRID_MEDIUM (img4if->i4if_v8.chip_ap_hybrid_medium) |
128 | #endif /* !XNU_KERNEL_PRIVATE */ |
129 | |
130 | /*! |
131 | * @const IMG4_CHIP_AP_HYBRID_RELAXED |
132 | * An Intel x86 processor whose chain of trust is rooted in an instance of a |
133 | * {@link IMG4_CHIP_AP_SHA2_384} chip and is operating with no secure boot |
134 | * due to a user-approved security degradation. |
135 | * |
136 | * This chip cannot be uniquely identified. NOTE(review): with secure boot off, what (if anything) authentication against this environment still guarantees is not stated here -- confirm before treating a result as an integrity signal. |
137 | */ |
138 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
139 | IMG4_API_AVAILABLE_20200508 |
140 | OS_EXPORT |
141 | const img4_chip_t _img4_chip_ap_hybrid_relaxed; |
142 | #define IMG4_CHIP_AP_HYBRID_RELAXED (&_img4_chip_ap_hybrid_relaxed) |
143 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_hybrid_relaxed field of img4if->i4if_v8; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v8 fields -- confirm */ |
144 | #define IMG4_CHIP_AP_HYBRID_RELAXED (img4if->i4if_v8.chip_ap_hybrid_relaxed) |
145 | #endif /* !XNU_KERNEL_PRIVATE */ |
146 | |
147 | /*! |
148 | * @const IMG4_CHIP_AP_INTRANSIGENT |
149 | * An Application Processor which is incapable of executing code. This chip |
150 | * environment's root of trust is a certificate authority which has never and |
151 | * will never issue any certificates. NOTE(review): it follows that no manifest should ever validate against this environment; presumably it serves as a deliberate deny-all choice -- confirm. |
152 | */ |
153 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
154 | IMG4_API_AVAILABLE_20210113 |
155 | OS_EXPORT |
156 | const img4_chip_t _img4_chip_ap_intransigent; |
157 | #define IMG4_CHIP_AP_INTRANSIGENT (&_img4_chip_ap_intransigent) |
158 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_intransigent field of img4if->i4if_v11; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v11 fields -- confirm */ |
159 | #define IMG4_CHIP_AP_INTRANSIGENT (img4if->i4if_v11.chip_ap_intransigent) |
160 | #endif /* !XNU_KERNEL_PRIVATE */ |
161 | |
162 | /*! |
163 | * @const IMG4_CHIP_AP_SUPPLEMENTAL |
164 | * An Application Processor whose root of trust resides in the |
165 | * {@link IMG4_RUNTIME_OBJECT_SPEC_SUPPLEMENTAL_ROOT} object. Once the |
166 | * supplemental root object is executed on the host's AP, this chip environment |
167 | * is available to execute payloads. NOTE(review): the behaviour when this environment is used before the supplemental root object has been executed is not stated here -- confirm that callers handle that case as a failure. |
168 | */ |
169 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
170 | IMG4_API_AVAILABLE_20210113 |
171 | OS_EXPORT |
172 | const img4_chip_t _img4_chip_ap_supplemental; |
173 | #define IMG4_CHIP_AP_SUPPLEMENTAL (&_img4_chip_ap_supplemental) |
174 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_supplemental field of img4if->i4if_v11; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v11 fields -- confirm */ |
175 | #define IMG4_CHIP_AP_SUPPLEMENTAL (img4if->i4if_v11.chip_ap_supplemental) |
176 | #endif /* !XNU_KERNEL_PRIVATE */ |
177 | |
178 | /*! |
179 | * @const IMG4_CHIP_AP_VMA2 |
180 | * The Application Processor of a virtualized Apple ARM device. |
181 | * |
182 | * This chip environment represents one unique instance of such a chip on the |
183 | * host device. |
184 | */ |
185 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
186 | IMG4_API_AVAILABLE_20210113 |
187 | OS_EXPORT |
188 | const img4_chip_t _img4_chip_ap_vma2; |
189 | #define IMG4_CHIP_AP_VMA2 (&_img4_chip_ap_vma2) |
190 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_vma2 field of img4if->i4if_v13; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v13 fields -- confirm */ |
191 | #define IMG4_CHIP_AP_VMA2 (img4if->i4if_v13.chip_ap_vma2) |
192 | #endif /* !XNU_KERNEL_PRIVATE */ |
193 | |
194 | /*! |
195 | * @const IMG4_CHIP_AP_VMA2_CLONE |
196 | * The Application Processor of a virtualized Apple ARM device which has been |
197 | * cloned from another on the same host. |
198 | * |
199 | * This chip environment cannot be uniquely identified. NOTE(review): presumably a clone cannot be told apart from its origin by this environment -- confirm before relying on it for per-instance decisions. |
200 | */ |
201 | #if !XNU_KERNEL_PRIVATE /* XNU_KERNEL_PRIVATE undefined or 0: exported object; the macro is its address */ |
202 | IMG4_API_AVAILABLE_20210113 |
203 | OS_EXPORT |
204 | const img4_chip_t _img4_chip_ap_vma2_clone; |
205 | #define IMG4_CHIP_AP_VMA2_CLONE (&_img4_chip_ap_vma2_clone) |
206 | #else /* XNU_KERNEL_PRIVATE set: the macro reads the chip_ap_vma2_clone field of img4if->i4if_v13; img4if is not declared in this header. NOTE(review): presumably valid only when the interface provides the v13 fields -- confirm */ |
207 | #define IMG4_CHIP_AP_VMA2_CLONE (img4if->i4if_v13.chip_ap_vma2_clone) |
208 | #endif /* !XNU_KERNEL_PRIVATE */ |
209 | |
210 | OS_ASSUME_PTR_ABI_SINGLE_END |
211 | OS_ASSUME_NONNULL_END |
212 | __END_DECLS |
213 | |
214 | #endif // __IMG4_CHIP_AP_H |
215 | |