1 /* 2 * Copyright (c) 2022 Apple Computer, Inc. All rights reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * The contents of this file constitute Original Code as defined in and 7 * are subject to the Apple Public Source License Version 1.1 (the 8 * "License"). You may not use this file except in compliance with the 9 * License. Please obtain a copy of the License at 10 * http://www.apple.com/publicsource and read it before using this file. 11 * 12 * This Original Code and all software distributed under the License are 13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER 14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the 17 * License for the specific language governing rights and limitations 18 * under the License. 19 * 20 * @APPLE_LICENSE_HEADER_END@ 21 */ 22 23 #ifndef _SYS_CODE_SIGNING_INTERNAL_H_ 24 #define _SYS_CODE_SIGNING_INTERNAL_H_ 25 26 #include <sys/cdefs.h> 27 __BEGIN_DECLS 28 29 #ifdef XNU_KERNEL_PRIVATE 30 31 #include <mach/boolean.h> 32 #include <mach/kern_return.h> 33 #include <kern/cs_blobs.h> 34 #include <vm/pmap.h> 35 #include <vm/pmap_cs.h> 36 #include <img4/firmware.h> 37 38 #if PMAP_CS_PPL_MONITOR 39 /* Page Protection Layer -- PMAP_CS */ 40 #define CODE_SIGNING_MONITOR 1 41 #define CODE_SIGNING_MONITOR_PREFIX ppl 42 43 #else 44 /* No monitor -- XNU */ 45 #define CODE_SIGNING_MONITOR 0 46 #define CODE_SIGNING_MONITOR_PREFIX xnu 47 48 #endif /* */ 49 50 /** 51 * This macro can be used by code which is abstracting out the concept of the code 52 * signing monitor in order to redirect calls to the correct monitor environment. 53 */ 54 #define __CSM_PREFIX(prefix, name) prefix##_##name 55 #define _CSM_PREFIX(prefix, name) __CSM_PREFIX(prefix, name) 56 #define CSM_PREFIX(name) _CSM_PREFIX(CODE_SIGNING_MONITOR_PREFIX, name) 57 58 void CSM_PREFIX(toggle_developer_mode)( 59 bool state); 60 61 void CSM_PREFIX(set_compilation_service_cdhash)( 62 const uint8_t cdhash[CS_CDHASH_LEN]); 63 64 bool CSM_PREFIX(match_compilation_service_cdhash)( 65 const uint8_t cdhash[CS_CDHASH_LEN]); 66 67 void CSM_PREFIX(set_local_signing_public_key)( 68 const uint8_t * public_key); 69 70 uint8_t* CSM_PREFIX(get_local_signing_public_key)(void); 71 72 void* CSM_PREFIX(image4_storage_data)( 73 size_t * allocated_size); 74 75 void CSM_PREFIX(image4_set_nonce)( 76 const img4_nonce_domain_index_t ndi, 77 const img4_nonce_t *nonce); 78 79 void CSM_PREFIX(image4_roll_nonce)( 80 const img4_nonce_domain_index_t ndi); 81 82 errno_t CSM_PREFIX(image4_copy_nonce)( 83 const img4_nonce_domain_index_t ndi, 84 img4_nonce_t *nonce_out); 85 86 errno_t CSM_PREFIX(image4_execute_object)( 87 img4_runtime_object_spec_index_t obj_spec_index, 88 const img4_buff_t *payload, 89 const img4_buff_t *manifest); 90 91 errno_t CSM_PREFIX(image4_copy_object)( 92 img4_runtime_object_spec_index_t obj_spec_index, 93 vm_address_t object_out, 94 size_t *object_length); 95 96 const void* CSM_PREFIX(image4_get_monitor_exports)(void); 97 98 errno_t CSM_PREFIX(image4_set_release_type)( 99 const char *release_type); 100 101 errno_t CSM_PREFIX(image4_set_bnch_shadow)( 102 const img4_nonce_domain_index_t ndi); 103 104 #if CODE_SIGNING_MONITOR 105 /* Function prototypes needed only when we have a monitor environment */ 106 107 bool CSM_PREFIX(code_signing_enabled)(void); 108 109 vm_size_t CSM_PREFIX(managed_code_signature_size)(void); 110 111 void CSM_PREFIX(unrestrict_local_signing_cdhash)( 112 const uint8_t cdhash[CS_CDHASH_LEN]); 113 114 kern_return_t CSM_PREFIX(register_provisioning_profile)( 115 const void *profile_blob, 116 const size_t profile_blob_size, 117 void **profile_obj); 118 119 kern_return_t CSM_PREFIX(unregister_provisioning_profile)( 120 void *profile_obj); 121 122 kern_return_t CSM_PREFIX(associate_provisioning_profile)( 123 void *sig_obj, 124 void *profile_obj); 125 126 kern_return_t CSM_PREFIX(disassociate_provisioning_profile)( 127 void *sig_obj); 128 129 kern_return_t CSM_PREFIX(register_code_signature)( 130 const vm_address_t signature_addr, 131 const vm_size_t signature_size, 132 const vm_offset_t code_directory_offset, 133 const char *signature_path, 134 void **sig_obj, 135 vm_address_t *monitor_signature_addr); 136 137 kern_return_t CSM_PREFIX(unregister_code_signature)( 138 void *sig_obj); 139 140 kern_return_t CSM_PREFIX(verify_code_signature)( 141 void *sig_obj); 142 143 kern_return_t CSM_PREFIX(reconstitute_code_signature)( 144 void *sig, 145 vm_address_t *unneeded_addr, 146 vm_size_t *unneeded_size); 147 148 kern_return_t CSM_PREFIX(associate_code_signature)( 149 pmap_t pmap, 150 void *sig_obj, 151 const vm_address_t region_addr, 152 const vm_size_t region_size, 153 const vm_offset_t region_offset); 154 155 kern_return_t CSM_PREFIX(associate_jit_region)( 156 pmap_t pmap, 157 const vm_address_t region_addr, 158 const vm_size_t region_size); 159 160 kern_return_t CSM_PREFIX(associate_debug_region)( 161 pmap_t pmap, 162 const vm_address_t region_addr, 163 const vm_size_t region_size); 164 165 kern_return_t CSM_PREFIX(allow_invalid_code)( 166 pmap_t pmap); 167 168 kern_return_t CSM_PREFIX(address_space_exempt)( 169 const pmap_t pmap); 170 171 kern_return_t CSM_PREFIX(fork_prepare)( 172 pmap_t old_pmap, 173 pmap_t new_pmap); 174 175 kern_return_t CSM_PREFIX(acquire_signing_identifier)( 176 const void *sig_obj, 177 const char **signing_id); 178 179 kern_return_t CSM_PREFIX(associate_kernel_entitlements)( 180 void *sig_obj, 181 const void *kernel_entitlements); 182 183 kern_return_t CSM_PREFIX(resolve_kernel_entitlements)( 184 pmap_t pmap, 185 const void **kernel_entitlements); 186 187 kern_return_t CSM_PREFIX(accelerate_entitlements)( 188 void *sig_obj, 189 CEQueryContext_t *ce_ctx); 190 191 #endif /* CODE_SIGNING_MONITOR */ 192 193 #endif /* XNU_KERNEL_PRIVATE */ 194 195 __END_DECLS 196 #endif /* _SYS_CODE_SIGNING_INTERNAL_H_ */ 197