/*
 * Copyright (c) 2020 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

/*
 * Kernel-side declaration of the interface tables that the AMFI kext registers
 * with the kernel: the amfi_t function-pointer table and the OSEntitlements
 * and libTrustCache sub-interfaces embedded in it. Only types, externs and
 * prototypes are declared here; no implementation lives in this header.
 */

#ifndef __AMFI_H
#define __AMFI_H

#include <os/base.h>
#include <sys/cdefs.h>
#include <kern/cs_blobs.h>
#include <CoreEntitlements/V2/API.h>
#include <CoreEntitlements/V2/Kernel.h>

/*
 * Version / feature macros for this interface.
 * NOTE(review): this header does not say when each value is bumped;
 * presumably KERN_AMFI_INTERFACE_VERSION changes whenever the amfi_t layout
 * does -- confirm against the kext side before relying on it as a gate.
 */
#define KERN_AMFI_INTERFACE_VERSION 7
#define KERN_AMFI_SUPPORTS_DATA_ALLOC 2
#define KERN_AMFI_SUPPORTS_CORE_ENTITLEMENTS_V2 1

#pragma mark Forward Declarations
/* Opaque in this header: both structs are only ever referenced by pointer. */
struct proc;
struct cs_blob;

#pragma mark Type Defines
/*
 * Pointer typedef. In a parameter written `const proc_t proc` the const
 * qualifies the pointer itself, not the struct proc it points to.
 */
typedef struct proc* proc_t;

/*
 * Kernel-private builds define CORE_ENTITLEMENTS_I_KNOW_WHAT_IM_DOING (unless
 * it is already defined) before including the private CoreEntitlements header.
 * NOTE(review): presumably that header requires the macro as an explicit
 * opt-in -- confirm in CoreEntitlementsPriv.h.
 */
#if XNU_KERNEL_PRIVATE
#ifndef CORE_ENTITLEMENTS_I_KNOW_WHAT_IM_DOING
#define CORE_ENTITLEMENTS_I_KNOW_WHAT_IM_DOING
#endif

#include <CoreEntitlements/CoreEntitlementsPriv.h>
#endif /* XNU_KERNEL_PRIVATE */

/*
 * Function-pointer types for the top-level members of amfi_t.
 *
 * The OSEntitlements object is passed as an untyped void *, so the compiler
 * cannot check that a caller supplies the right kind of object.
 *
 * The cdhash parameter of amfi_OSEntitlements_query is declared as an array
 * of CS_CDHASH_LEN bytes, but C adjusts array parameters to plain pointers:
 * the length is documentation only and is not enforced at the call site.
 *
 * get_transmuted_blob returns the blob through a pointer-to-const, while
 * get_xml_blob returns it through a pointer to non-const.
 *
 * NOTE(review): the meaning of the bool results and the ownership/lifetime of
 * the data returned through the out-parameters (blob, profile, udid) are not
 * stated in this header -- presumably true means the outputs were filled in;
 * confirm against the implementation before using the outputs.
 */
typedef void (*amfi_OSEntitlements_invalidate)(void* osentitlements);
typedef void* (*amfi_OSEntitlements_asDict)(void* osentitlements);
typedef CEError_t (*amfi_OSEntitlements_query)(void* osentitlements, uint8_t cdhash[CS_CDHASH_LEN], CEQuery_t query, size_t queryLength);
typedef bool (*amfi_OSEntitlements_get_transmuted_blob)(void* osentitlements, const CS_GenericBlob **blob);
typedef bool (*amfi_OSEntitlements_get_xml_blob)(void* osentitlements, CS_GenericBlob **blob);
typedef bool (*amfi_get_legacy_profile_exemptions)(const uint8_t **profile, size_t *profileLength);
typedef bool (*amfi_get_udid)(const uint8_t **udid, size_t *udidLength);
typedef void* (*amfi_query_context_to_object)(CEQueryContext_t ctx);

#pragma mark OSEntitlements

#define KERN_AMFI_SUPPORTS_OSENTITLEMENTS_API 1
#define OSENTITLEMENTS_INTERFACE_VERSION 1u

/*
 * OSEntitlements sub-interface.
 *
 * Every entry point returns kern_return_t, including the "Boolean" and
 * "String" queries: the answer is carried in the return code, not in a bool.
 * NOTE(review): the code that means "entitled" / "value matches" is not stated
 * in this header -- presumably KERN_SUCCESS; confirm. If so, note that
 * KERN_SUCCESS is 0, so callers must compare against the expected code
 * explicitly; testing the result as a truth value would invert the answer.
 *
 * The *WithProc variants take a process instead of an OSEntitlements object.
 */

/*
 * Takes the OSEntitlements object, a CoreEntitlements query context, a
 * monitor signature object, an identity string and code-signing flags.
 * NOTE(review): "monitor" is not defined in this header.
 */
typedef kern_return_t (*OSEntitlements_adjustContextWithMonitor)(
    void* os_entitlements,
    const CEQueryContext_t ce_ctx,
    const void *monitor_sig_obj,
    const char *identity,
    const uint32_t code_signing_flags
    );

/* Counterpart of the above that takes the code-signing blob directly. */
typedef kern_return_t (*OSEntitlements_adjustContextWithoutMonitor)(
    void* os_entitlements,
    struct cs_blob *code_signing_blob
    );

/* Query by entitlement name on an OSEntitlements object. */
typedef kern_return_t (*OSEntitlements_queryEntitlementBoolean)(
    const void *os_entitlements,
    const char *entitlement_name
    );

/* Query by entitlement name on a process. */
typedef kern_return_t (*OSEntitlements_queryEntitlementBooleanWithProc)(
    const proc_t proc,
    const char *entitlement_name
    );

/* Query by entitlement name and value on an OSEntitlements object. */
typedef kern_return_t (*OSEntitlements_queryEntitlementString)(
    const void *os_entitlements,
    const char *entitlement_name,
    const char *entitlement_value
    );

/* Query by entitlement name and value on a process. */
typedef kern_return_t (*OSEntitlements_queryEntitlementStringWithProc)(
    const proc_t proc,
    const char *entitlement_name,
    const char *entitlement_value
    );

/*
 * Returns the named entitlement through the entitlement_object out-parameter.
 * NOTE(review): "copy" suggests the caller owns the returned object and must
 * release it, and the out-parameter is an untyped void * -- confirm both the
 * ownership rule and the concrete object type with the implementation.
 */
typedef kern_return_t (*OSEntitlements_copyEntitlementAsOSObject)(
    const void *os_entitlements,
    const char *entitlement_name,
    void **entitlement_object
    );

/* Same as above, looked up via a process. */
typedef kern_return_t (*OSEntitlements_copyEntitlementAsOSObjectWithProc)(
    const proc_t proc,
    const char *entitlement_name,
    void **entitlement_object
    );

/*
 * Table of the OSEntitlements entry points, preceded by a version field.
 * NOTE(review): consumers presumably compare `version` with
 * OSENTITLEMENTS_INTERFACE_VERSION -- confirm.
 * Member order is part of the layout shared by the code that fills the table
 * and the code that reads it; do not reorder.
 */
typedef struct _OSEntitlementsInterface {
    uint32_t version;
    OSEntitlements_adjustContextWithMonitor adjustContextWithMonitor;
    OSEntitlements_adjustContextWithoutMonitor adjustContextWithoutMonitor;
    OSEntitlements_queryEntitlementBoolean queryEntitlementBoolean;
    OSEntitlements_queryEntitlementBooleanWithProc queryEntitlementBooleanWithProc;
    OSEntitlements_queryEntitlementString queryEntitlementString;
    OSEntitlements_queryEntitlementStringWithProc queryEntitlementStringWithProc;
    OSEntitlements_copyEntitlementAsOSObject copyEntitlementAsOSObject;
    OSEntitlements_copyEntitlementAsOSObjectWithProc copyEntitlementAsOSObjectWithProc;
} OSEntitlementsInterface_t;

#pragma mark libTrustCache

#include <TrustCache/API.h>
#define KERN_AMFI_SUPPORTS_TRUST_CACHE_API 1
#define TRUST_CACHE_INTERFACE_VERSION 3u

/*
 * libTrustCache sub-interface. All entry points return TCReturn_t.
 *
 * The UUID and CDHash parameters are declared as fixed-size arrays (kUUIDSize,
 * kTCEntryHashSize). As with any C array parameter they are plain pointers at
 * the call site, so the compiler does not enforce the size.
 *
 * Module, payload and manifest inputs are passed as raw address + size pairs.
 * This header does not state where those ranges are validated.
 */

typedef TCReturn_t (*constructInvalid_t)(
    TrustCache_t *trustCache,
    const uint8_t *moduleAddr,
    size_t moduleSize
    );

/* On return, *trustCacheRet is the out-parameter for the matching cache. */
typedef TCReturn_t (*checkRuntimeForUUID_t)(
    const TrustCacheRuntime_t *runtime,
    const uint8_t checkUUID[kUUIDSize],
    const TrustCache_t **trustCacheRet
    );

typedef TCReturn_t (*loadModule_t)(
    TrustCacheRuntime_t *runtime,
    const TCType_t type,
    TrustCache_t *trustCache,
    const uintptr_t dataAddr,
    const size_t dataSize
    );

/* Like loadModule_t, but takes separate payload and manifest ranges. */
typedef TCReturn_t (*load_t)(
    TrustCacheRuntime_t *runtime,
    TCType_t type,
    TrustCache_t *trustCache,
    const uintptr_t payloadAddr,
    const size_t payloadSize,
    const uintptr_t manifestAddr,
    const size_t manifestSize
    );

typedef TCReturn_t (*extractModule_t)(
    TrustCache_t *trustCache,
    const uint8_t *dataAddr,
    size_t dataSize
    );

/*
 * Looks up a CDHash in the runtime; results are read back from queryToken
 * with the queryGet* accessors declared below.
 * NOTE(review): which TCReturn_t value means "found" is not visible here.
 */
typedef TCReturn_t (*query_t)(
    const TrustCacheRuntime_t *runtime,
    TCQueryType_t queryType,
    const uint8_t CDHash[kTCEntryHashSize],
    TrustCacheQueryToken_t *queryToken
    );

typedef TCReturn_t (*getModule_t)(
    const TrustCache_t *trustCache,
    const uint8_t **moduleAddrRet,
    size_t *moduleSizeRet
    );

typedef TCReturn_t (*getUUID_t)(
    const TrustCache_t *trustCache,
    uint8_t returnUUID[kUUIDSize]
    );

typedef TCReturn_t (*getCapabilities_t)(
    const TrustCache_t *trustCache,
    TCCapabilities_t *capabilities
    );

/* Accessors that read one property out of a query token. */
typedef TCReturn_t (*queryGetTCType_t)(
    const TrustCacheQueryToken_t *queryToken,
    TCType_t *typeRet
    );

typedef TCReturn_t (*queryGetCapabilities_t)(
    const TrustCacheQueryToken_t *queryToken,
    TCCapabilities_t *capabilities
    );

typedef TCReturn_t (*queryGetHashType_t)(
    const TrustCacheQueryToken_t *queryToken,
    uint8_t *hashTypeRet
    );

typedef TCReturn_t (*queryGetFlags_t)(
    const TrustCacheQueryToken_t *queryToken,
    uint64_t *flagsRet
    );

typedef TCReturn_t (*queryGetConstraintCategory_t)(
    const TrustCacheQueryToken_t *queryToken,
    uint8_t *constraintCategoryRet
    );

/*
 * Table of the libTrustCache entry points, preceded by a version field.
 * Member order here differs from the order of the typedefs above and is the
 * layout both sides of the interface share; do not reorder.
 */
typedef struct _TrustCacheInterface {
    uint32_t version;
    loadModule_t loadModule;
    load_t load;
    query_t query;
    getCapabilities_t getCapabilities;
    queryGetTCType_t queryGetTCType;
    queryGetCapabilities_t queryGetCapabilities;
    queryGetHashType_t queryGetHashType;
    queryGetFlags_t queryGetFlags;
    queryGetConstraintCategory_t queryGetConstraintCategory;

    /*
     * Available since interface version 3.
     * NOTE(review): a table reporting version < 3 presumably does not
     * provide the members below -- check `version` before calling through
     * them; confirm how older providers populate this struct.
     */
    constructInvalid_t constructInvalid;
    checkRuntimeForUUID_t checkRuntimeForUUID;
    extractModule_t extractModule;
    getModule_t getModule;
    getUUID_t getUUID;
} TrustCacheInterface_t;



#pragma mark Main AMFI Structure

/*
 * The interface table passed to amfi_interface_register().
 *
 * TrustCache and OSEntitlements are embedded by value and are compiled in only
 * when the corresponding KERN_AMFI_SUPPORTS_* macro is non-zero (both are
 * defined to 1 earlier in this header), so those macros are part of the struct
 * layout: every translation unit that uses amfi_t must see the same values.
 */
typedef struct _amfi {
    amfi_OSEntitlements_invalidate OSEntitlements_invalidate;
    amfi_OSEntitlements_asDict OSEntitlements_asdict;
    amfi_OSEntitlements_query OSEntitlements_query;
    amfi_OSEntitlements_get_transmuted_blob OSEntitlements_get_transmuted;
    amfi_OSEntitlements_get_xml_blob OSEntitlements_get_xml;
    coreentitlements_t CoreEntitlements;
    amfi_get_legacy_profile_exemptions get_legacy_profile_exemptions;
    amfi_get_udid get_udid;
    amfi_query_context_to_object query_context_to_object;

#if KERN_AMFI_SUPPORTS_TRUST_CACHE_API
    /* Interface to interact with libTrustCache */
    TrustCacheInterface_t TrustCache;
#endif

#if KERN_AMFI_SUPPORTS_OSENTITLEMENTS_API
    /* Interface to interact with OSEntitlements */
    OSEntitlementsInterface_t OSEntitlements;
#endif

} amfi_t;

__BEGIN_DECLS

/*!
 * @const amfi
 * The AMFI interface that was registered.
 *
 * NOTE(review): the value before amfi_interface_register() has run is not
 * visible in this header -- presumably NULL; confirm before dereferencing on
 * early-boot paths.
 */
extern const amfi_t * amfi;

/*!
 * @const libCoreEntitlements
 * The CoreEntitlements kernel API implementation that was registered
 * (see amfi_core_entitlements_register).
 */
extern const CEKernelAPI_t *libCoreEntitlements;

/*!
 * @function amfi_interface_register
 * Registers the AMFI kext interface for use within the kernel proper.
 *
 * @param mfi
 * The interface to register. Declared non-null (OS_NONNULL1).
 *
 * @discussion
 * This routine may only be called once and must be called before late-const has
 * been applied to kernel memory.
 *
 * NOTE(review): the one-shot, before-late-const rule presumably exists so the
 * registered pointer becomes read-only afterwards -- confirm in the
 * implementation; this header only states the calling constraint.
 */
OS_EXPORT OS_NONNULL1
void
amfi_interface_register(const amfi_t *mfi);

/*!
 * @function amfi_core_entitlements_register
 * Registers the CoreEntitlements_V2 implementation for use within the kernel.
 *
 * @param implementation
 * The implementation to register. Declared non-null (OS_NONNULL1).
 *
 * @discussion
 * This routine may only be called once and must be called before late-const has
 * been applied to kernel memory.
 */
OS_EXPORT OS_NONNULL1
void
amfi_core_entitlements_register(const CEKernelAPI_t *implementation);

__END_DECLS

#endif // __AMFI_H