/*
 * Copyright (c) 2022 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * The contents of this file constitute Original Code as defined in and
 * are subject to the Apple Public Source License Version 1.1 (the
 * "License"). You may not use this file except in compliance with the
 * License. Please obtain a copy of the License at
 * http://www.apple.com/publicsource and read it before using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
 * License for the specific language governing rights and limitations
 * under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * Kernel-side interface to the TrustedExecutionMonitor (TXM): the call
 * descriptor used to enter the monitor, the shared read-only state TXM
 * exposes to the kernel, and the page-transfer / address-space helpers.
 * Only compiled when the SPTM configuration is enabled.
 */

#ifndef _SYS_CODE_SIGNING_TXM_H_
#define _SYS_CODE_SIGNING_TXM_H_

#if CONFIG_SPTM

#include <libkern/section_keywords.h>
#include <kern/locks.h>
#include <kern/lock_rw.h>
#include <vm/pmap.h>
#include <sys/queue.h>
#include <TrustedExecutionMonitor/API.h>

/* Fallback when the TXM API header does not define the image4 API version */
#ifndef kTXMImage4APIVersion
#define kTXMImage4APIVersion 0
#endif

/*
 * These are hidden behind MACH_KERNEL_PRIVATE in other files, so they are
 * re-declared here for the TXM glue code. Keep them in sync with the
 * canonical pmap declarations.
 */
typedef uint64_t pmap_paddr_t __kernel_ptr_semantics;
extern vm_map_address_t phystokv(pmap_paddr_t pa);
extern pmap_paddr_t kvtophys_nofail(vm_offset_t va);

/*
 * The runtime lock used to enforce concurrency on all trust cache operations
 * within the kernel for TXM. This is needed because TXM only enforces concurrency
 * through try-locks, which means the kernel also needs to enforce concurrency
 * on its side in order to ensure the try-locks within TXM never fail.
 *
 * Every trust cache operation that enters TXM is expected to hold this lock;
 * a path that skips it can race another CPU into the monitor and cause the
 * try-lock inside TXM to fail.
 */
extern decl_lck_rw_data(, txm_trust_cache_lck);

/* Global read-only data of TXM (kernel only ever reads through this pointer) */
extern const TXMReadOnlyData_t *txm_ro_data;

/* Code signing configuration of TXM (read-only from the kernel's side) */
extern const CSConfig_t *txm_cs_config;

/* All statistical data collected from TXM */
extern const TXMStatistics_t *txm_stats;

/* All static trust cache information collected from TXM */
extern uint32_t num_static_trust_caches;
extern TCCapabilities_t static_trust_cache_capabilities0;
extern TCCapabilities_t static_trust_cache_capabilities1;

/*
 * Bookkeeping for one thread stack page handed to TXM. These are allocated
 * and released by txm_kernel_call() and kept on a singly-linked list.
 */
typedef struct _txm_thread_stack {
	/* Virtual mapping of the thread stack page */
	uintptr_t thread_stack_papt;

	/* Physical page used for the thread stack */
	uintptr_t thread_stack_phys;

	/* Pointer to the thread stack structure on the thread stack page */
	TXMThreadStack_t *thread_stack_data;

	/* Linkage for the singly-linked-list */
	SLIST_ENTRY(_txm_thread_stack) link;
} txm_thread_stack_t;

/*
 * Descriptor for a single call into TXM. The caller fills in the input
 * fields; txm_kernel_call() writes the output fields back on return.
 */
typedef struct _txm_call {
	/* Input arguments */

	/* Kernel selector identifying which TXM entry point to invoke */
	TXMKernelSelector_t selector;

	/*
	 * NOTE(review): presumably the TXM return code that is not reported
	 * when failure_silent is set; confirm against txm_kernel_call().
	 */
	TXMReturnCode_t failure_code_silent;

	/* NOTE(review): presumably a failure panics the kernel when set — confirm */
	bool failure_fatal;

	/* NOTE(review): presumably a failure is not logged when set — confirm */
	bool failure_silent;

	/*
	 * NOTE(review): presumably skips draining the TXM log buffer after the
	 * call; confirm against txm_kernel_call().
	 */
	bool skip_logs;

	/*
	 * Number of variadic input arguments passed to txm_kernel_call(). A
	 * variadic call has no other way to learn the count, so this must agree
	 * with the arguments actually supplied.
	 */
	uint32_t num_input_args;

	/* Number of return words the caller expects TXM to produce */
	uint32_t num_output_args;

	/* Output arguments */

	/* Raw return value of the call as reported by TXM */
	TXMReturn_t txm_ret;

	/*
	 * Number of valid entries in return_words. Readers should never index
	 * past min(num_return_words, kTXMStackReturnWords).
	 */
	uint64_t num_return_words;

	/* Return words produced by TXM (presumably copied off the thread stack page) */
	uint64_t return_words[kTXMStackReturnWords];
} txm_call_t;

/**
 * The main function to use for calling into the TrustedExecutionMonitor. This
 * function handles all the bits required, including allocation/deallocation of
 * the thread stack pages, the CPU instructions required to reach TXM, and also
 * going through the TXM buffer and capturing any logs left by the monitor.
 *
 * @param parameters  Call descriptor; its input fields are read and its output
 *                    fields are written back on return.
 * @param ...         Input arguments for TXM. Their count is given by
 *                    parameters->num_input_args; the argument type is not
 *                    visible from this header (assumed 64-bit words — confirm
 *                    against the implementation).
 * @return            kern_return_t status of the call. How TXM's own result
 *                    code maps onto it is not visible here; see
 *                    parameters->txm_ret for the raw monitor result.
 */
kern_return_t
txm_kernel_call(
	txm_call_t *parameters, ...);

/**
 * Go through the TrustedExecutionMonitor logging buffer and print all the logs
 * which TXM has added to it since the kernel last looked.
 */
void
txm_print_logs(void);

/**
 * Pages which need to be locked down by the TrustedExecutionMonitor need to be
 * made owned by TXM. This function can be used to go through each physical page
 * in a range and transfer it to the relevant TXM type. Transferred pages are
 * left read-only; see txm_reclaim_region() for the reverse step.
 *
 * @param addr  Start of the virtual range whose pages are transferred.
 * @param size  Length of the range in bytes.
 */
void
txm_transfer_region(
	vm_address_t addr,
	vm_size_t size);

/**
 * As part of transferring a page to the TrustedExecutionMonitor, the range of
 * memory is always made read-only. This function can be used to go through all
 * of the mappings and make them read-write again. This can only be done when TXM
 * has transferred control of the pages back to the kernel.
 *
 * @param addr  Start of the virtual range to make read-write again.
 * @param size  Length of the range in bytes.
 *
 * Precondition: TXM must already have handed the pages back to the kernel;
 * calling this while TXM still owns them defeats the lockdown.
 */
void
txm_reclaim_region(
	vm_address_t addr,
	vm_size_t size);

/**
 * Register an address space with the TrustedExecutionMonitor based on an address
 * space ID. This needs to be done AFTER the SPTM has made its call into TXM for
 * registering an address space ID otherwise the system will panic.
 *
 * @param pmap           Physical map of the address space being registered.
 * @param addr_space_id  Address space ID already registered with TXM by the SPTM.
 * @param flags          TXM address space flags for this registration.
 * @return               kern_return_t status of the registration.
 */
kern_return_t
txm_register_address_space(
	pmap_t pmap,
	uint16_t addr_space_id,
	TXMAddressSpaceFlags_t flags);

/**
 * Unregister an address space from the TrustedExecutionMonitor using the address
 * space object which was previously returned from TXM. This needs to be done
 * AFTER the SPTM has unregistered the address space ID from TXM otherwise the
 * system will panic.
 *
 * @param pmap  Physical map whose TXM address space object is released.
 * @return      kern_return_t status of the unregistration.
 */
kern_return_t
txm_unregister_address_space(
	pmap_t pmap);

#endif /* CONFIG_SPTM */
#endif /* _SYS_CODE_SIGNING_TXM_H_ */