xref: /xnu-11215.41.3/osfmk/kern/trustcache.h (revision 33de042d024d46de5ff4e89f2471de6608e37fa4)
1 /*
2  * Copyright (c) 2018 Apple Computer, Inc. All rights reserved.
3  *
4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5  *
6  * This file contains Original Code and/or Modifications of Original Code
7  * as defined in and that are subject to the Apple Public Source License
8  * Version 2.0 (the 'License'). You may not use this file except in
9  * compliance with the License. The rights granted to you under the License
10  * may not be used to create, or enable the creation or redistribution of,
11  * unlawful or unlicensed copies of an Apple operating system, or to
12  * circumvent, violate, or enable the circumvention or violation of, any
13  * terms of an Apple operating system software license agreement.
14  *
15  * Please obtain a copy of the License at
16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
17  *
18  * The Original Code and all software distributed under the License are
19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23  * Please see the License for the specific language governing rights and
24  * limitations under the License.
25  *
26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27  */
28 
29 #ifndef _KERN_TRUSTCACHE_H_
30 #define _KERN_TRUSTCACHE_H_
31 
32 #include <stdint.h>
33 
34 #include <kern/cs_blobs.h>
35 
36 #include <uuid/uuid.h>
37 
#if defined(XNU_PLATFORM_BridgeOS)
/*
 * Version 0 trust cache module.
 *
 * The hashes carry no defined sorting order, so this layout is only
 * suitable for small trust caches. It is used for loadable trust caches
 * only, until support is phased out.
 *
 * NOTE(review): num_hashes is a count stored in the module itself. The code
 * that accepts a module is not part of this header; it presumably has to
 * check the count against the size of the buffer it was handed before
 * indexing hashes[] -- confirm at the loader.
 */
typedef uint8_t trust_cache_hash0[CS_CDHASH_LEN];

struct trust_cache_module0 {
	uint32_t version;               /* format version; presumably 0 for this layout -- confirm */
	uuid_t uuid;                    /* UUID of the module */
	uint32_t num_hashes;            /* element count of hashes[] */
	trust_cache_hash0 hashes[];     /* flexible array of cdhashes, unsorted */
} __attribute__((__packed__));
#endif /* XNU_PLATFORM_BridgeOS */
49 
50 
51 /* Version 1 trust caches: Always sorted by cdhash, added hash type and flags field.
52  * Suitable for all trust caches. */
53 
/*
 * A single entry of a version 1 trust cache: one cdhash plus the two
 * per-entry bytes that version 1 added (hash type and flags).
 * Packed, so the fields follow each other with no padding.
 */
struct trust_cache_entry1 {
	uint8_t cdhash[CS_CDHASH_LEN];  /* code directory hash; version 1 modules are sorted by it */
	uint8_t hash_type;              /* code directory hash type, see CS_HASHTYPE_* in cs_blobs.h */
	uint8_t flags;                  /* Trust Cache Entry Flags, e.g. CS_TRUST_CACHE_AMFID */
} __attribute__((__packed__));
59 
/*
 * Version 1 trust cache module: a header followed by num_entries
 * trust_cache_entry1 records, always sorted by cdhash.
 *
 * NOTE(review): both num_entries and the sort order are properties of the
 * module data. A consumer that relies on them (not visible in this header)
 * presumably needs to validate the count against the module's size, and
 * should not assume the ordering for a module that has not been
 * authenticated -- confirm against the loading code.
 */
struct trust_cache_module1 {
	uint32_t version;                       /* format version; presumably 1 for this layout -- confirm */
	uuid_t uuid;                            /* UUID of the module */
	uint32_t num_entries;                   /* element count of entries[] */
	struct trust_cache_entry1 entries[];    /* flexible array of entries, sorted by cdhash */
} __attribute__((__packed__));
66 
/*
 * Trust Cache Entry Flags
 *
 * Bit values for the flags byte of a version 1 trust cache entry. The same
 * byte is passed through in bits 8-15 of a trust cache lookup result.
 */
#define CS_TRUST_CACHE_AMFID    0x1     /* valid cdhash for amfid */
69 
70 /* Trust Cache lookup functions return their result as a 32-bit value
71  * composed of subfields, for straightforward passing through layers.
72  *
73  * Format:
74  *
75  * 0xXXCCBBAA
76  *
77  * AA:  0-7: lookup result
78  *  bit  0: TC_LOOKUP_FOUND: set if any entry found
79  *  bit  1: (obsolete) TC_LOOKUP_FALLBACK: set if found in legacy static trust cache
80  *  bit  2-7: reserved
81  * BB:  8-15: entry flags pass-through, see "Trust Cache Entry Flags" above
82  * CC: 16-23: code directory hash type of entry, see CS_HASHTYPE_* in cs_blobs.h
83  * XX: 24-31: reserved
84  */
85 
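/*
 * Shift/mask pairs for the subfields of a trust cache lookup result
 * (0xXXCCBBAA: AA = lookup result bits, BB = entry flags pass-through,
 * CC = code directory hash type, XX = reserved).
 *
 * A field is extracted as (result & TC_LOOKUP_<field>_MASK) >>
 * TC_LOOKUP_<field>_SHIFT.
 */
#define TC_LOOKUP_HASH_TYPE_SHIFT               16
/*
 * The mask must expand to a bare constant. A trailing ';' in the expansion
 * makes the macro unusable inside a larger expression such as
 * (result & TC_LOOKUP_HASH_TYPE_MASK) >> TC_LOOKUP_HASH_TYPE_SHIFT, which
 * would push callers towards hand-written constants for the hash type field.
 */
#define TC_LOOKUP_HASH_TYPE_MASK                0xff0000L
#define TC_LOOKUP_FLAGS_SHIFT                   8
#define TC_LOOKUP_FLAGS_MASK                    0xff00L
#define TC_LOOKUP_RESULT_SHIFT                  0
#define TC_LOOKUP_RESULT_MASK                   0xffL

/* Bit 0 of the lookup result subfield: set if any entry was found. */
#define TC_LOOKUP_FOUND         1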
94 
95 #endif /* _KERN_TRUSTCACHE_H_ */