1 | /*! |
2 | * @header |
3 | * Cryptex1 chip environments. |
4 | */ |
5 | #ifndef __IMG4_CHIP_CRYPTEX1_H |
6 | #define __IMG4_CHIP_CRYPTEX1_H |
7 | |
8 | #ifndef __IMG4_INDIRECT |
9 | #error "Please #include <img4/firmware.h> instead of this file directly" |
10 | #endif // __IMG4_INDIRECT |
11 | |
12 | __BEGIN_DECLS |
13 | OS_ASSUME_NONNULL_BEGIN |
14 | OS_ASSUME_PTR_ABI_SINGLE_BEGIN |
15 | |
16 | /*! |
17 | * @const IMG4_CHIP_CRYPTEX1_BOOT |
18 | * A virtual coprocessor environment hosted on the AP which derives its unique |
19 | * identity from the hosting AP. This chip assists in booting the AP's |
20 | * userspace. |
21 | */ |
22 | #if !XNU_KERNEL_PRIVATE |
23 | IMG4_API_AVAILABLE_20211126 |
24 | OS_EXPORT |
25 | const img4_chip_t _img4_chip_cryptex1_boot; |
26 | #define IMG4_CHIP_CRYPTEX1_BOOT (&_img4_chip_cryptex1_boot) |
27 | #else |
28 | #define IMG4_CHIP_CRYPTEX1_BOOT (img4if->i4if_v17.chip_cryptex1_boot) |
29 | #endif |
30 | |
31 | /*! |
32 | * @const IMG4_CHIP_CRYPTEX1_BOOT_REDUCED |
33 | * A virtual coprocessor environment hosted on the reduced-security AP which |
34 | * derives its unique identity from the hosting AP. This chip assists in booting |
35 | * the AP's userspace. |
36 | */ |
37 | #if !XNU_KERNEL_PRIVATE |
38 | IMG4_API_AVAILABLE_20211126 |
39 | OS_EXPORT |
40 | const img4_chip_t _img4_chip_cryptex1_boot_reduced; |
41 | #define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED \ |
42 | (&_img4_chip_cryptex1_boot_reduced) |
43 | #else |
44 | #define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED \ |
45 | (img4if->i4if_v17.chip_cryptex1_boot_reduced) |
46 | #endif |
47 | |
48 | /*! |
49 | * @const IMG4_CHIP_CRYPTEX1_BOOT_PROPOSAL |
50 | * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT} with internal use constraints |
51 | * relaxed to permit verification in scenarios where the currently-booted AP may |
52 | * not represent the ultimate execution environment. |
53 | * |
54 | * @discussion |
55 | * This environment should not be used for payload execution on the AP and is |
56 | * intended to facilitate local policy signing in the SEP. |
57 | */ |
58 | #if !XNU_KERNEL_PRIVATE |
59 | IMG4_API_AVAILABLE_20220401 |
60 | OS_EXPORT |
61 | const img4_chip_t _img4_chip_cryptex1_boot_proposal; |
62 | #define IMG4_CHIP_CRYPTEX1_BOOT_PROPOSAL (&_img4_chip_cryptex1_boot_proposal) |
63 | #else |
64 | #define IMG4_CHIP_CRYPTEX1_BOOT_PROPOSAL \ |
65 | (img4if->i4if_v18.chip_cryptex1_boot_proposal) |
66 | #endif |
67 | |
68 | /*! |
69 | * @const IMG4_CHIP_CRYPTEX1_BOOT_REDUCED_PROPOSAL |
70 | * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT_REDUCED} with internal use |
71 | * constraints relaxed to permit verification in scenarios where the currently- |
72 | * booted AP may not represent the ultimate execution environment. |
73 | * |
74 | * @discussion |
75 | * This environment should not be used for payload execution on the AP and is |
76 | * intended to facilitate local policy signing in the SEP. |
77 | */ |
78 | #if !XNU_KERNEL_PRIVATE |
79 | IMG4_API_AVAILABLE_20220401 |
80 | OS_EXPORT |
81 | const img4_chip_t _img4_chip_cryptex1_boot_reduced_proposal; |
82 | #define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED_PROPOSAL \ |
83 | (&_img4_chip_cryptex1_boot_reduced_proposal) |
84 | #else |
85 | #define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED_PROPOSAL \ |
86 | (img4if->i4if_v18.chip_cryptex1_boot_reduced_proposal) |
87 | #endif |
88 | |
89 | /*! |
90 | * @const IMG4_CHIP_CRYPTEX1_BOOT_X86 |
91 | * A virtual coprocessor environment hosted on an x86 chip which has no unique |
92 | * identity. This chip assists in booting the x86 processor's userspace. |
93 | */ |
94 | #if !XNU_KERNEL_PRIVATE |
95 | IMG4_API_AVAILABLE_20211126 |
96 | OS_EXPORT |
97 | const img4_chip_t _img4_chip_cryptex1_boot_x86; |
98 | #define IMG4_CHIP_CRYPTEX1_BOOT_X86 (&_img4_chip_cryptex1_boot_x86) |
99 | #else |
100 | #define IMG4_CHIP_CRYPTEX1_BOOT_X86 (img4if->i4if_v17.chip_cryptex1_boot_x86) |
101 | #endif |
102 | |
103 | /*! |
104 | * @const IMG4_CHIP_CRYPTEX1_BOOT_STATIC_X86 |
105 | * A virtual coprocessor environment hosted on an x86 chip which has no unique |
106 | * identity. This chip assists in booting the x86 processor's userspace. This |
107 | * chip has no ability to enforce expiration on its manifests. |
108 | */ |
109 | #if !XNU_KERNEL_PRIVATE |
110 | IMG4_API_AVAILABLE_20220912 |
111 | OS_EXPORT |
112 | const img4_chip_t _img4_chip_cryptex1_boot_static_x86; |
113 | #define IMG4_CHIP_CRYPTEX1_BOOT_STATIC_X86 \ |
114 | (&_img4_chip_cryptex1_boot_static_x86) |
115 | #else |
116 | #define IMG4_CHIP_CRYPTEX1_BOOT_STATIC_X86 \ |
117 | (img4if->i4if_v19.chip_cryptex1_boot_static_x86) |
118 | #endif |
119 | |
120 | /*! |
121 | * @const IMG4_CHIP_CRYPTEX1_BOOT_RELAXED_X86 |
122 | * A virtual coprocessor environment hosted on an x86 chip which has no unique |
123 | * identity and has secure boot disabled. This chip assists in booting the x86 |
124 | * processor's userspace. |
125 | */ |
126 | #if !XNU_KERNEL_PRIVATE |
127 | IMG4_API_AVAILABLE_20220711 |
128 | OS_EXPORT |
129 | const img4_chip_t _img4_chip_cryptex1_boot_relaxed_x86; |
130 | #define IMG4_CHIP_CRYPTEX1_BOOT_RELAXED_X86 \ |
131 | (&_img4_chip_cryptex1_boot_relaxed_x86) |
132 | #else |
133 | #define IMG4_CHIP_CRYPTEX1_BOOT_RELAXED_X86 \ |
134 | (img4if->i4if_v19.chip_cryptex1_boot_relaxed_x86) |
135 | #endif |
136 | |
137 | /*! |
138 | * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2 |
139 | * A virtual coprocessor environment hosted on a virtualized ARM AP which |
140 | * derives its unique identity from the hosting AP. This chip assists in booting |
141 | * the AP's userspace. |
142 | */ |
143 | #if !XNU_KERNEL_PRIVATE |
144 | IMG4_API_AVAILABLE_20220128 |
145 | OS_EXPORT |
146 | const img4_chip_t _img4_chip_cryptex1_boot_vma2; |
147 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2 (&_img4_chip_cryptex1_boot_vma2) |
148 | #else |
149 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2 (img4if->i4if_v17.chip_cryptex1_boot_vma2) |
150 | #endif |
151 | |
152 | /*! |
153 | * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE |
154 | * A virtual coprocessor environment hosted on a virtualized ARM AP which |
155 | * derives its unique identity from the hosting AP. This chip assists in booting |
156 | * the AP's userspace. This is the clone version which doesn't enforce ECID |
157 | * and UDID. |
158 | */ |
159 | #if !XNU_KERNEL_PRIVATE |
160 | IMG4_API_AVAILABLE_20220322 |
161 | OS_EXPORT |
162 | const img4_chip_t _img4_chip_cryptex1_boot_vma2_clone; |
163 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE \ |
164 | (&_img4_chip_cryptex1_boot_vma2_clone) |
165 | #else |
166 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE \ |
167 | (img4if->i4if_v18.chip_cryptex1_boot_vma2_clone) |
168 | #endif |
169 | |
170 | /*! |
171 | * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2_PROPOSAL |
172 | * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT_VMA2} with internal use |
173 | * constraints relaxed to permit verification in scenarios where the currently- |
174 | * booted AP may not represent the ultimate execution environment. |
175 | * |
176 | * @discussion |
177 | * This environment should not be used for payload execution on the AP and is |
178 | * intended to facilitate local policy signing in the BootPolicy kext. |
179 | */ |
180 | #if !XNU_KERNEL_PRIVATE |
181 | IMG4_API_AVAILABLE_20220401 |
182 | OS_EXPORT |
183 | const img4_chip_t _img4_chip_cryptex1_boot_vma2_proposal; |
184 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_PROPOSAL \ |
185 | (&_img4_chip_cryptex1_boot_vma2_proposal) |
186 | #else |
187 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_PROPOSAL \ |
188 | (img4if->i4if_v18.chip_cryptex1_boot_vma2_proposal) |
189 | #endif |
190 | |
191 | /*! |
192 | * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE_PROPOSAL |
193 | * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE} with internal use |
194 | * constraints relaxed to permit verification in scenarios where the currently- |
195 | * booted AP may not represent the ultimate execution environment. |
196 | * |
197 | * @discussion |
198 | * This environment should not be used for payload execution on the AP and is |
199 | * intended to facilitate local policy signing in the BootPolicy kext. |
200 | */ |
201 | #if !XNU_KERNEL_PRIVATE |
202 | IMG4_API_AVAILABLE_20220401 |
203 | OS_EXPORT |
204 | const img4_chip_t _img4_chip_cryptex1_boot_vma2_clone_proposal; |
205 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE_PROPOSAL \ |
206 | (&_img4_chip_cryptex1_boot_vma2_clone_proposal) |
207 | #else |
208 | #define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE_PROPOSAL \ |
209 | (img4if->i4if_v18.chip_cryptex1_boot_vma2_clone_proposal) |
210 | #endif |
211 | |
212 | /*! |
213 | * @const IMG4_CHIP_CRYPTEX1_PREBOOT |
214 | * A virtual coprocessor environment hosted on the AP which derives its unique |
215 | * identity from the hosting AP. This chip permits executing payloads intended |
216 | * for the next boot prior to that boot. It does not assist in booting the AP. |
217 | */ |
218 | #if !XNU_KERNEL_PRIVATE |
219 | IMG4_API_AVAILABLE_20211126 |
220 | OS_EXPORT |
221 | const img4_chip_t _img4_chip_cryptex1_preboot; |
222 | #define IMG4_CHIP_CRYPTEX1_PREBOOT (&_img4_chip_cryptex1_preboot) |
223 | #else |
224 | #define IMG4_CHIP_CRYPTEX1_PREBOOT (img4if->i4if_v17.chip_cryptex1_preboot) |
225 | #endif |
226 | |
227 | /*! |
228 | * @const IMG4_CHIP_CRYPTEX1_PREBOOT_REDUCED |
229 | * A virtual coprocessor environment hosted on the reduced-security AP which |
230 | * derives its unique identity from the hosting AP. This chip permits executing |
231 | * payloads intended for the next boot prior to that boot. It does not assist in |
232 | * booting the AP. |
233 | */ |
234 | #if !XNU_KERNEL_PRIVATE |
235 | IMG4_API_AVAILABLE_20211126 |
236 | OS_EXPORT |
237 | const img4_chip_t _img4_chip_cryptex1_preboot_reduced; |
238 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_REDUCED \ |
239 | (&_img4_chip_cryptex1_preboot_reduced) |
240 | #else |
241 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_REDUCED \ |
242 | (img4if->i4if_v17.chip_cryptex1_preboot_reduced) |
243 | #endif |
244 | |
245 | /*! |
246 | * @const IMG4_CHIP_CRYPTEX1_PREBOOT_X86 |
247 | * A virtual coprocessor environment hosted on an x86 chip which has no unique |
248 | * identity. This chip permits executing payloads intended for the next boot |
249 | * prior to that boot. It does not assist in booting the x86 chip. |
250 | */ |
251 | #if !XNU_KERNEL_PRIVATE |
252 | IMG4_API_AVAILABLE_20211126 |
253 | OS_EXPORT |
254 | const img4_chip_t _img4_chip_cryptex1_preboot_x86; |
255 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_X86 \ |
256 | (&_img4_chip_cryptex1_preboot_x86) |
257 | #else |
258 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_X86 \ |
259 | (img4if->i4if_v17.chip_cryptex1_preboot_x86) |
260 | #endif |
261 | |
262 | /*! |
263 | * @const IMG4_CHIP_CRYPTEX1_PREBOOT_STATIC_X86 |
264 | * A virtual coprocessor environment hosted on an x86 chip which has no unique |
265 | * identity. This chip permits executing payloads intended for the next boot |
266 | * prior to that boot. It does not assist in booting the x86 chip. This chip has |
267 | * no ability to enforce expiration on its manifests. |
268 | */ |
269 | #if !XNU_KERNEL_PRIVATE |
270 | IMG4_API_AVAILABLE_20211126 |
271 | OS_EXPORT |
272 | const img4_chip_t _img4_chip_cryptex1_preboot_static_x86; |
273 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_STATIC_X86 \ |
274 | (&_img4_chip_cryptex1_preboot_static_x86) |
275 | #else |
276 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_STATIC_X86 \ |
277 | (img4if->i4if_v19.chip_cryptex1_preboot_static_x86) |
278 | #endif |
279 | |
280 | /*! |
281 | * @const IMG4_CHIP_CRYPTEX1_PREBOOT_RELAXED_X86 |
282 | * A virtual coprocessor environment hosted on an x86 chip which has no unique |
283 | * identity and has secure boot disabled. This chip permits executing payloads |
284 | * intended for the next boot prior to that boot. It does not assist in booting |
285 | * the x86 chip. |
286 | */ |
287 | #if !XNU_KERNEL_PRIVATE |
288 | IMG4_API_AVAILABLE_20220711 |
289 | OS_EXPORT |
290 | const img4_chip_t _img4_chip_cryptex1_preboot_relaxed_x86; |
291 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_RELAXED_X86 \ |
292 | (&_img4_chip_cryptex1_preboot_relaxed_x86) |
293 | #else |
294 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_RELAXED_X86 \ |
295 | (img4if->i4if_v17.chip_cryptex1_preboot_relaxed_x86) |
296 | #endif |
297 | |
298 | /*! |
299 | * @const IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2 |
300 | * A virtual coprocessor environment hosted on a virtualized ARM AP which |
301 | * derives its unique identity from the hosting AP. This chip permits executing |
302 | * payloads intended for the next boot prior to that boot. It does not assist in |
303 | * booting the AP. |
304 | */ |
305 | #if !XNU_KERNEL_PRIVATE |
306 | IMG4_API_AVAILABLE_20220128 |
307 | OS_EXPORT |
308 | const img4_chip_t _img4_chip_cryptex1_preboot_vma2; |
309 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2 \ |
310 | (&_img4_chip_cryptex1_preboot_vma2) |
311 | #else |
312 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2 \ |
313 | (img4if->i4if_v17.chip_cryptex1_preboot_vma2) |
314 | #endif |
315 | |
316 | /*! |
317 | * @const IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2_CLONE |
318 | * A virtual coprocessor environment hosted on a virtualized ARM AP which |
319 | * derives its unique identity from the hosting AP. This chip permits executing |
320 | * payloads intended for the next boot prior to that boot. It does not assist in |
321 | * booting the AP. This is the clone version which doesn't enforce ECID |
322 | * and UDID. |
323 | */ |
324 | #if !XNU_KERNEL_PRIVATE |
325 | IMG4_API_AVAILABLE_20220322 |
326 | OS_EXPORT |
327 | const img4_chip_t _img4_chip_cryptex1_preboot_vma2_clone; |
328 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2_CLONE \ |
329 | (&_img4_chip_cryptex1_preboot_vma2_clone) |
330 | #else |
331 | #define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2_CLONE \ |
332 | (img4if->i4if_v18.chip_cryptex1_preboot_vma2_clone) |
333 | #endif |
334 | |
335 | /*! |
336 | * @const IMG4_CHIP_CRYPTEX1_ASSET |
337 | * A virtual coprocessor environment hosted on the AP which derives its unique |
338 | * identity from the hosting AP. This chip assists in executing MobileAsset |
339 | * brain payloads during runtime, after the host AP has booted its userspace. |
340 | */ |
341 | #if !XNU_KERNEL_PRIVATE |
342 | IMG4_API_AVAILABLE_20211126 |
343 | OS_EXPORT |
344 | const img4_chip_t _img4_chip_cryptex1_asset; |
345 | #define IMG4_CHIP_CRYPTEX1_ASSET (&_img4_chip_cryptex1_asset) |
346 | #else |
347 | #define IMG4_CHIP_CRYPTEX1_ASSET (img4if->i4if_v17.chip_cryptex1_asset) |
348 | #endif |
349 | |
350 | /*! |
351 | * @const IMG4_CHIP_CRYPTEX1_ASSET_X86 |
352 | * A virtual coprocessor environment hosted on the AP which derives its unique |
353 | * identity from the hosting AP. This chip assists in executing MobileAsset |
354 | * brain payloads during runtime, after the host AP has booted its userspace. |
355 | */ |
356 | #if !XNU_KERNEL_PRIVATE |
357 | IMG4_API_AVAILABLE_20220401 |
358 | OS_EXPORT |
359 | const img4_chip_t _img4_chip_cryptex1_asset_x86; |
360 | #define IMG4_CHIP_CRYPTEX1_ASSET_X86 (&_img4_chip_cryptex1_asset_x86) |
361 | #else |
362 | #define IMG4_CHIP_CRYPTEX1_ASSET_X86 (img4if->i4if_v18.chip_cryptex1_asset_x86) |
363 | #endif |
364 | |
365 | /*! |
366 | * @const IMG4_CHIP_CRYPTEX1_GENERIC |
367 | * A virtual coprocessor environment hosted on the AP which derives its unique |
368 | * identity from the hosting AP. This chip assists in executing generic cryptex |
369 | * payloads during runtime, after the host AP has booted its userspace. |
370 | */ |
371 | #if !XNU_KERNEL_PRIVATE |
372 | IMG4_API_AVAILABLE_20221202 |
373 | OS_EXPORT |
374 | const img4_chip_t _img4_chip_cryptex1_generic; |
375 | #define IMG4_CHIP_CRYPTEX1_GENERIC \ |
376 | (&_img4_chip_cryptex1_generic) |
377 | #else |
378 | #define IMG4_CHIP_CRYPTEX1_GENERIC \ |
379 | (img4if->i4if_v20.chip_cryptex1_generic) |
380 | #endif |
381 | |
382 | /*! |
383 | * @const IMG4_CHIP_CRYPTEX1_GENERIC_SUPPLEMENTAL |
384 | * A virtual coprocessor environment hosted on the AP which derives its unique |
385 | * identity from the hosting AP. This chip assists in executing generic cryptex |
386 | * payloads during runtime, after the host AP has booted its userspace. Its |
387 | * trust is rooted in a supplemental root of trust authorized by the Secure Boot |
388 | * CA. |
389 | */ |
390 | #if !XNU_KERNEL_PRIVATE |
391 | IMG4_API_AVAILABLE_20221202 |
392 | OS_EXPORT |
393 | const img4_chip_t _img4_chip_cryptex1_generic_supplemental; |
394 | #define IMG4_CHIP_CRYPTEX1_GENERIC_SUPPLEMENTAL \ |
395 | (&_img4_chip_cryptex1_generic_supplemental) |
396 | #else |
397 | #define IMG4_CHIP_CRYPTEX1_GENERIC_SUPPLEMENTAL \ |
398 | (img4if->i4if_v20.chip_cryptex1_generic_supplemental) |
399 | #endif |
400 | |
401 | /*! |
402 | * @const IMG4_CHIP_CRYPTEX1_GENERIC_X86 |
403 | * A virtual coprocessor environment hosted on an x86 chip. This chip assists in |
404 | * executing generic cryptex payloads during runtime after the x86 chip has |
405 | * booted. |
406 | */ |
407 | #if !XNU_KERNEL_PRIVATE |
408 | IMG4_API_AVAILABLE_20221202 |
409 | OS_EXPORT |
410 | const img4_chip_t _img4_chip_cryptex1_generic_x86; |
411 | #define IMG4_CHIP_CRYPTEX1_GENERIC_X86 \ |
412 | (&_img4_chip_cryptex1_generic_x86) |
413 | #else |
414 | #define IMG4_CHIP_CRYPTEX1_GENERIC_X86 \ |
415 | (img4if->i4if_v20.chip_cryptex1_generic_x86) |
416 | #endif |
417 | |
418 | OS_ASSUME_PTR_ABI_SINGLE_END |
419 | OS_ASSUME_NONNULL_END |
420 | __END_DECLS |
421 | |
422 | #endif // __IMG4_CHIP_CRYPTEX1_H |
423 | |