/*!
 * @header
 * Cryptex1 chip environments.
 *
 * @discussion
 * Each environment in this header is exposed through a macro that evaluates to
 * a chip object. In builds without XNU_KERNEL_PRIVATE the macro is the address
 * of an exported const img4_chip_t object. In XNU_KERNEL_PRIVATE builds the
 * macro instead reads a member of the versioned interface structure reached
 * through img4if (i4if_v17 or i4if_v18, depending on the constant).
 *
 * The _REDUCED, _CLONE and _PROPOSAL variants are documented below as weaker or
 * relaxed forms of their base environments (reduced-security AP, no ECID/UDID
 * enforcement, relaxed internal use constraints). Select them deliberately;
 * they are not drop-in substitutes for the base environment.
 */
// NOTE(review): the XNU_KERNEL_PRIVATE expansions dereference img4if with no
// check visible in this header. Presumably callers must ensure the interface
// is registered and new enough to carry the i4if_v18 members before using the
// constants that resolve through it -- confirm against the img4if definition.
#ifndef __IMG4_CHIP_CRYPTEX1_H
#define __IMG4_CHIP_CRYPTEX1_H

// This header is only meant to be reached through <img4/firmware.h>; direct
// inclusion is rejected at compile time.
#ifndef __IMG4_INDIRECT
#error "Please #include <img4/firmware.h> instead of this file directly"
#endif // __IMG4_INDIRECT

OS_ASSUME_NONNULL_BEGIN

/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT
 * A virtual coprocessor environment hosted on the AP which derives its unique
 * identity from the hosting AP. This chip assists in booting the AP's
 * userspace.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20211126
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot;
#define IMG4_CHIP_CRYPTEX1_BOOT (&_img4_chip_cryptex1_boot)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT (img4if->i4if_v17.chip_cryptex1_boot)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_REDUCED
 * A virtual coprocessor environment hosted on the reduced-security AP which
 * derives its unique identity from the hosting AP. This chip assists in booting
 * the AP's userspace.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20211126
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_reduced;
#define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED \
    (&_img4_chip_cryptex1_boot_reduced)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED \
    (img4if->i4if_v17.chip_cryptex1_boot_reduced)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_PROPOSAL
 * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT} with internal use constraints
 * relaxed to permit verification in scenarios where the currently-booted AP may
 * not represent the ultimate execution environment.
 *
 * @discussion
 * This environment should not be used for payload execution on the AP and is
 * intended to facilitate local policy signing in the SEP.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220401
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_proposal;
#define IMG4_CHIP_CRYPTEX1_BOOT_PROPOSAL (&_img4_chip_cryptex1_boot_proposal)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_PROPOSAL \
    (img4if->i4if_v18.chip_cryptex1_boot_proposal)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_REDUCED_PROPOSAL
 * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT_REDUCED} with internal use
 * constraints relaxed to permit verification in scenarios where the currently-
 * booted AP may not represent the ultimate execution environment.
 *
 * @discussion
 * This environment should not be used for payload execution on the AP and is
 * intended to facilitate local policy signing in the SEP.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220401
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_reduced_proposal;
#define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED_PROPOSAL \
    (&_img4_chip_cryptex1_boot_reduced_proposal)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_REDUCED_PROPOSAL \
    (img4if->i4if_v18.chip_cryptex1_boot_reduced_proposal)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_X86
 * A virtual coprocessor environment hosted on an x86 chip which has no unique
 * identity. This chip assists in booting the x86 processor's userspace.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20211126
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_x86;
#define IMG4_CHIP_CRYPTEX1_BOOT_X86 (&_img4_chip_cryptex1_boot_x86)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_X86 (img4if->i4if_v17.chip_cryptex1_boot_x86)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2
 * A virtual coprocessor environment hosted on a virtualized ARM AP which
 * derives its unique identity from the hosting AP. This chip assists in booting
 * the AP's userspace.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220128
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_vma2;
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2 (&_img4_chip_cryptex1_boot_vma2)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2 (img4if->i4if_v17.chip_cryptex1_boot_vma2)
#endif // !XNU_KERNEL_PRIVATE

// NOTE(review): with ECID and UDID not enforced, this environment presumably
// does not bind a manifest to one specific device instance. Confirm before
// relying on a successful verification here as a per-device guarantee.
/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE
 * A virtual coprocessor environment hosted on a virtualized ARM AP which
 * derives its unique identity from the hosting AP. This chip assists in booting
 * the AP's userspace. This is the clone version which doesn't enforce ECID
 * and UDID.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220322
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_vma2_clone;
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE \
    (&_img4_chip_cryptex1_boot_vma2_clone)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE \
    (img4if->i4if_v18.chip_cryptex1_boot_vma2_clone)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2_PROPOSAL
 * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT_VMA2} with internal use
 * constraints relaxed to permit verification in scenarios where the currently-
 * booted AP may not represent the ultimate execution environment.
 *
 * @discussion
 * This environment should not be used for payload execution on the AP and is
 * intended to facilitate local policy signing in the BootPolicy kext.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220401
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_vma2_proposal;
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_PROPOSAL \
    (&_img4_chip_cryptex1_boot_vma2_proposal)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_PROPOSAL \
    (img4if->i4if_v18.chip_cryptex1_boot_vma2_proposal)
#endif // !XNU_KERNEL_PRIVATE

// NOTE(review): this variant combines both relaxations named in its
// description: it is the proposal form of the clone environment, which itself
// doesn't enforce ECID and UDID.
/*!
 * @const IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE_PROPOSAL
 * Equivalent to {@link IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE} with internal use
 * constraints relaxed to permit verification in scenarios where the currently-
 * booted AP may not represent the ultimate execution environment.
 *
 * @discussion
 * This environment should not be used for payload execution on the AP and is
 * intended to facilitate local policy signing in the BootPolicy kext.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220401
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_boot_vma2_clone_proposal;
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE_PROPOSAL \
    (&_img4_chip_cryptex1_boot_vma2_clone_proposal)
#else
#define IMG4_CHIP_CRYPTEX1_BOOT_VMA2_CLONE_PROPOSAL \
    (img4if->i4if_v18.chip_cryptex1_boot_vma2_clone_proposal)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_PREBOOT
 * A virtual coprocessor environment hosted on the AP which derives its unique
 * identity from the hosting AP. This chip permits executing payloads intended
 * for the next boot prior to that boot. It does not assist in booting the AP.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20211126
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_preboot;
#define IMG4_CHIP_CRYPTEX1_PREBOOT (&_img4_chip_cryptex1_preboot)
#else
#define IMG4_CHIP_CRYPTEX1_PREBOOT (img4if->i4if_v17.chip_cryptex1_preboot)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_PREBOOT_REDUCED
 * A virtual coprocessor environment hosted on the reduced-security AP which
 * derives its unique identity from the hosting AP. This chip permits executing
 * payloads intended for the next boot prior to that boot. It does not assist in
 * booting the AP.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20211126
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_preboot_reduced;
#define IMG4_CHIP_CRYPTEX1_PREBOOT_REDUCED \
    (&_img4_chip_cryptex1_preboot_reduced)
#else
#define IMG4_CHIP_CRYPTEX1_PREBOOT_REDUCED \
    (img4if->i4if_v17.chip_cryptex1_preboot_reduced)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_PREBOOT_X86
 * A virtual coprocessor environment hosted on an x86 chip which has no unique
 * identity. This chip permits executing payloads intended for the next boot
 * prior to that boot. It does not assist in booting the x86 chip.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20211126
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_preboot_x86;
#define IMG4_CHIP_CRYPTEX1_PREBOOT_X86 \
    (&_img4_chip_cryptex1_preboot_x86)
#else
#define IMG4_CHIP_CRYPTEX1_PREBOOT_X86 \
    (img4if->i4if_v17.chip_cryptex1_preboot_x86)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2
 * A virtual coprocessor environment hosted on a virtualized ARM AP which
 * derives its unique identity from the hosting AP. This chip permits executing
 * payloads intended for the next boot prior to that boot. It does not assist in
 * booting the AP.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220128
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_preboot_vma2;
#define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2 \
    (&_img4_chip_cryptex1_preboot_vma2)
#else
#define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2 \
    (img4if->i4if_v17.chip_cryptex1_preboot_vma2)
#endif // !XNU_KERNEL_PRIVATE

// NOTE(review): with ECID and UDID not enforced, this environment presumably
// does not bind a manifest to one specific device instance. Confirm before
// relying on a successful verification here as a per-device guarantee.
/*!
 * @const IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2_CLONE
 * A virtual coprocessor environment hosted on a virtualized ARM AP which
 * derives its unique identity from the hosting AP. This chip permits executing
 * payloads intended for the next boot prior to that boot. It does not assist in
 * booting the AP. This is the clone version which doesn't enforce ECID
 * and UDID.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220322
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_preboot_vma2_clone;
#define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2_CLONE \
    (&_img4_chip_cryptex1_preboot_vma2_clone)
#else
#define IMG4_CHIP_CRYPTEX1_PREBOOT_VMA2_CLONE \
    (img4if->i4if_v18.chip_cryptex1_preboot_vma2_clone)
#endif // !XNU_KERNEL_PRIVATE

/*!
 * @const IMG4_CHIP_CRYPTEX1_ASSET
 * A virtual coprocessor environment hosted on the AP which derives its unique
 * identity from the hosting AP. This chip assists in executing MobileAsset
 * brain payloads during runtime, after the host AP has booted its userspace.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20211126
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_asset;
#define IMG4_CHIP_CRYPTEX1_ASSET (&_img4_chip_cryptex1_asset)
#else
#define IMG4_CHIP_CRYPTEX1_ASSET (img4if->i4if_v17.chip_cryptex1_asset)
#endif // !XNU_KERNEL_PRIVATE

// NOTE(review): the description below is word-for-word the one given for
// IMG4_CHIP_CRYPTEX1_ASSET. The other _X86 constants in this header describe
// an x86 host with no unique identity, so this text may be a copy-paste --
// confirm which identity model actually applies to this environment.
/*!
 * @const IMG4_CHIP_CRYPTEX1_ASSET_X86
 * A virtual coprocessor environment hosted on the AP which derives its unique
 * identity from the hosting AP. This chip assists in executing MobileAsset
 * brain payloads during runtime, after the host AP has booted its userspace.
 */
#if !XNU_KERNEL_PRIVATE
IMG4_API_AVAILABLE_20220401
OS_EXPORT
const img4_chip_t _img4_chip_cryptex1_asset_x86;
#define IMG4_CHIP_CRYPTEX1_ASSET_X86 (&_img4_chip_cryptex1_asset_x86)
#else
#define IMG4_CHIP_CRYPTEX1_ASSET_X86 (img4if->i4if_v18.chip_cryptex1_asset_x86)
#endif // !XNU_KERNEL_PRIVATE

OS_ASSUME_NONNULL_END

#endif // __IMG4_CHIP_CRYPTEX1_H