code_signing_internal.h source code [xnu/bsd/sys/code_signing_internal.h]

1	/*
2	* Copyright (c) 2022 Apple Computer, Inc. All rights reserved.
3	*
4	* @APPLE_LICENSE_HEADER_START@
5	*
6	* The contents of this file constitute Original Code as defined in and
7	* are subject to the Apple Public Source License Version 1.1 (the
8	* "License"). You may not use this file except in compliance with the
9	* License. Please obtain a copy of the License at
10	* http://www.apple.com/publicsource and read it before using this file.
11	*
12	* This Original Code and all software distributed under the License are
13	* distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16	* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17	* License for the specific language governing rights and limitations
18	* under the License.
19	*
20	* @APPLE_LICENSE_HEADER_END@
21	*/
22
23	#ifndef _SYS_CODE_SIGNING_INTERNAL_H_
24	#define _SYS_CODE_SIGNING_INTERNAL_H_
25
26	#include <sys/cdefs.h>
27	__BEGIN_DECLS
28
29	#pragma GCC diagnostic push
30	#pragma GCC diagnostic ignored "-Wnullability-completeness"
31	#pragma GCC diagnostic ignored "-Wnullability-completeness-on-arrays"
32
33	#ifdef XNU_KERNEL_PRIVATE
34
35	#include <mach/boolean.h>
36	#include <mach/kern_return.h>
37	#include <kern/cs_blobs.h>
38	#include <vm/pmap.h>
39	#include <vm/pmap_cs.h>
40	#include <img4/firmware.h>
41	#include <libkern/image4/dlxk.h>
42
43	#if CONFIG_SPTM
44	/ TrustedExecutionMonitor /
45	#define CODE_SIGNING_MONITOR 1
46	#define CODE_SIGNING_MONITOR_PREFIX txm
47
48	#elif PMAP_CS_PPL_MONITOR
49	/ Page Protection Layer -- PMAP_CS /
50	#define CODE_SIGNING_MONITOR 1
51	#define CODE_SIGNING_MONITOR_PREFIX ppl
52
53	#else
54	/ No monitor -- XNU /
55	#define CODE_SIGNING_MONITOR 0
56	#define CODE_SIGNING_MONITOR_PREFIX xnu
57
58	#endif /* CONFIG_SPTM */
59
60	/**
61	* This macro can be used by code which is abstracting out the concept of the code
62	* signing monitor in order to redirect calls to the correct monitor environment.
63	*/
64	#define __CSM_PREFIX(prefix, name) prefix##_##name
65	#define _CSM_PREFIX(prefix, name) __CSM_PREFIX(prefix, name)
66	#define CSM_PREFIX(name) _CSM_PREFIX(CODE_SIGNING_MONITOR_PREFIX, name)
67
68	void CSM_PREFIX(toggle_developer_mode)(
69	bool state);
70
71	void CSM_PREFIX(set_compilation_service_cdhash)(
72	const uint8_t cdhash[CS_CDHASH_LEN]);
73
74	bool CSM_PREFIX(match_compilation_service_cdhash)(
75	const uint8_t cdhash[CS_CDHASH_LEN]);
76
77	void CSM_PREFIX(set_local_signing_public_key)(
78	const uint8_t * public_key);
79
80	uint8_t* CSM_PREFIX(get_local_signing_public_key)(void);
81
82	void* CSM_PREFIX(image4_storage_data)(
83	size_t * allocated_size);
84
85	void CSM_PREFIX(image4_set_nonce)(
86	const img4_nonce_domain_index_t ndi,
87	const img4_nonce_t *nonce);
88
89	void CSM_PREFIX(image4_roll_nonce)(
90	const img4_nonce_domain_index_t ndi);
91
92	errno_t CSM_PREFIX(image4_copy_nonce)(
93	const img4_nonce_domain_index_t ndi,
94	img4_nonce_t *nonce_out);
95
96	errno_t CSM_PREFIX(image4_execute_object)(
97	img4_runtime_object_spec_index_t obj_spec_index,
98	const img4_buff_t *payload,
99	const img4_buff_t *manifest);
100
101	errno_t CSM_PREFIX(image4_copy_object)(
102	img4_runtime_object_spec_index_t obj_spec_index,
103	vm_address_t object_out,
104	size_t *object_length);
105
106	const void* CSM_PREFIX(image4_get_monitor_exports)(void);
107
108	errno_t CSM_PREFIX(image4_set_release_type)(
109	const char *release_type);
110
111	errno_t CSM_PREFIX(image4_set_bnch_shadow)(
112	const img4_nonce_domain_index_t ndi);
113
114	kern_return_t CSM_PREFIX(image4_transfer_region)(
115	image4_cs_trap_t selector,
116	vm_address_t region_addr,
117	vm_size_t region_size);
118
119	kern_return_t CSM_PREFIX(image4_reclaim_region)(
120	image4_cs_trap_t selector,
121	vm_address_t region_addr,
122	vm_size_t region_size);
123
124	errno_t CSM_PREFIX(image4_monitor_trap)(
125	image4_cs_trap_t selector,
126	const void *input_data,
127	size_t input_size);
128
129	#if CODE_SIGNING_MONITOR
130	/ Function prototypes needed only when we have a monitor environment /
131
132	bool CSM_PREFIX(code_signing_enabled)(void);
133
134	void CSM_PREFIX(enter_lockdown_mode)(void);
135
136	vm_size_t CSM_PREFIX(managed_code_signature_size)(void);
137
138	void CSM_PREFIX(unrestrict_local_signing_cdhash)(
139	const uint8_t cdhash[CS_CDHASH_LEN]);
140
141	kern_return_t CSM_PREFIX(register_provisioning_profile)(
142	const void *profile_blob,
143	const size_t profile_blob_size,
144	void **profile_obj);
145
146	kern_return_t CSM_PREFIX(unregister_provisioning_profile)(
147	void *profile_obj);
148
149	kern_return_t CSM_PREFIX(associate_provisioning_profile)(
150	void *sig_obj,
151	void *profile_obj);
152
153	kern_return_t CSM_PREFIX(disassociate_provisioning_profile)(
154	void *sig_obj);
155
156	kern_return_t CSM_PREFIX(register_code_signature)(
157	const vm_address_t signature_addr,
158	const vm_size_t signature_size,
159	const vm_offset_t code_directory_offset,
160	const char *signature_path,
161	void **sig_obj,
162	vm_address_t *txm_signature_addr);
163
164	kern_return_t CSM_PREFIX(unregister_code_signature)(
165	void *sig_obj);
166
167	kern_return_t CSM_PREFIX(verify_code_signature)(
168	void *sig_obj);
169
170	kern_return_t CSM_PREFIX(reconstitute_code_signature)(
171	void *sig,
172	vm_address_t *unneeded_addr,
173	vm_size_t *unneeded_size);
174
175	kern_return_t CSM_PREFIX(associate_code_signature)(
176	pmap_t pmap,
177	void *sig_obj,
178	const vm_address_t region_addr,
179	const vm_size_t region_size,
180	const vm_offset_t region_offset);
181
182	kern_return_t CSM_PREFIX(allow_jit_region)(
183	pmap_t pmap);
184
185	kern_return_t CSM_PREFIX(associate_jit_region)(
186	pmap_t pmap,
187	const vm_address_t region_addr,
188	const vm_size_t region_size);
189
190	kern_return_t CSM_PREFIX(associate_debug_region)(
191	pmap_t pmap,
192	const vm_address_t region_addr,
193	const vm_size_t region_size);
194
195	kern_return_t CSM_PREFIX(address_space_debugged)(
196	pmap_t pmap);
197
198	kern_return_t CSM_PREFIX(allow_invalid_code)(
199	pmap_t pmap);
200
201	kern_return_t CSM_PREFIX(get_trust_level_kdp)(
202	pmap_t pmap,
203	uint32_t *trust_level);
204
205	kern_return_t CSM_PREFIX(address_space_exempt)(
206	const pmap_t pmap);
207
208	kern_return_t CSM_PREFIX(fork_prepare)(
209	pmap_t old_pmap,
210	pmap_t new_pmap);
211
212	kern_return_t CSM_PREFIX(acquire_signing_identifier)(
213	const void *sig_obj,
214	const char **signing_id);
215
216	kern_return_t CSM_PREFIX(associate_kernel_entitlements)(
217	void *sig_obj,
218	const void *kernel_entitlements);
219
220	kern_return_t CSM_PREFIX(resolve_kernel_entitlements)(
221	pmap_t pmap,
222	const void **kernel_entitlements);
223
224	kern_return_t CSM_PREFIX(accelerate_entitlements)(
225	void *sig_obj,
226	CEQueryContext_t *ce_ctx);
227
228	#endif /* CODE_SIGNING_MONITOR */
229
230	#endif /* XNU_KERNEL_PRIVATE */
231
232	#pragma GCC diagnostic pop
233
234	__END_DECLS
235	#endif /* _SYS_CODE_SIGNING_INTERNAL_H_ */
236

Browse the source code of xnu/bsd/sys/code_signing_internal.h