/*
 * Copyright (c) 2022 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * The contents of this file constitute Original Code as defined in and
 * are subject to the Apple Public Source License Version 1.1 (the
 * "License").  You may not use this file except in compliance with the
 * License.  Please obtain a copy of the License at
 * http://www.apple.com/publicsource and read it before using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * sys/code_signing.h
 *
 * Kernel-side interface for provisioning-profile management and developer-mode
 * state. The XNU_KERNEL_PRIVATE section is only built when a code-signing
 * monitor (PMAP_CS_PPL_MONITOR) is present; the KERNEL_PRIVATE section is the
 * KPI surface exposed to kernel extensions.
 */

#ifndef _SYS_CODE_SIGNING_H_
#define _SYS_CODE_SIGNING_H_

#include <sys/cdefs.h>
__BEGIN_DECLS

#ifdef KERNEL_PRIVATE
/* All definitions for XNU and kernel extensions */

#ifdef XNU_KERNEL_PRIVATE
/* All definitions for XNU only */

#include <vm/pmap_cs.h>

/*
 * CODE_SIGNING_MONITOR is derived from PMAP_CS_PPL_MONITOR (which comes from
 * <vm/pmap_cs.h>) so that the rest of the kernel can test a single, always
 * defined macro instead of the pmap-specific one.
 */
#if PMAP_CS_PPL_MONITOR
#define CODE_SIGNING_MONITOR 1
#else
#define CODE_SIGNING_MONITOR 0
#endif

#if CODE_SIGNING_MONITOR
/* All definitions which are only required for monitor-specific code */

/*
 * NOTE(review): kern_return_t, uuid_t and size_t are used by the prototypes
 * below before <mach/kern_return.h> is included further down this header;
 * presumably they arrive via <vm/pmap_cs.h> — confirm, since a translation
 * unit that defines CODE_SIGNING_MONITOR without that transitive include
 * would fail to compile here.
 */

/**
 * This function is used to initialize the state of the locks for managing provisioning
 * profiles on the system. It should be called by the kernel bootstrap thread during the
 * early kernel initialization.
 */
void
initialize_provisioning_profiles(void);

/**
 * Register a provisioning profile with the monitor environment available on the
 * system. This function will allocate its own memory for managing the profile and
 * the caller is allowed to free their own allocation.
 *
 * @param profile_uuid  UUID under which the profile is registered; it is the key
 *                      later passed to associate_provisioning_profile().
 * @param profile       Pointer to the profile data. The monitor keeps its own copy,
 *                      so the caller retains ownership of this buffer.
 * @param profile_size  Size in bytes of the data at @p profile.
 * @return kern_return_t status code (KERN_SUCCESS on success — TODO confirm the
 *         specific failure codes against the implementation).
 */
kern_return_t
register_provisioning_profile(
	const uuid_t profile_uuid,
	const void *profile, const size_t profile_size);

/**
 * Associate a registered profile with a code signature object which is managed by
 * the monitor environment. This increments the reference count on the profile object
 * managed by the monitor, preventing the profile from being unregistered.
 *
 * @param monitor_sig_obj  Monitor-managed code signature object to attach the
 *                         profile to.
 * @param profile_uuid     UUID of a profile previously passed to
 *                         register_provisioning_profile().
 * @return kern_return_t status code.
 */
kern_return_t
associate_provisioning_profile(
	void *monitor_sig_obj,
	const uuid_t profile_uuid);

/**
 * Disassociate an associated profile from a code signature object which is managed by
 * the monitor environment. This decrements the reference count on the profile object
 * managed by the monitor, potentially allowing it to be unregistered in case no other
 * signatures hold a reference count to it.
 *
 * @param monitor_sig_obj  Monitor-managed code signature object whose profile
 *                         reference is dropped.
 * @return kern_return_t status code.
 */
kern_return_t
disassociate_provisioning_profile(
	void *monitor_sig_obj);

/**
 * Trigger the provisioning profile garbage collector to go through each registered
 * profile on the system and unregister it in case it isn't being used.
 *
 * "Unused" is determined by the reference count maintained through
 * associate_provisioning_profile() / disassociate_provisioning_profile(); a
 * profile still referenced by a signature object is left registered.
 */
void
free_provisioning_profiles(void);

#endif /* CODE_SIGNING_MONITOR */

#endif /* XNU_KERNEL_PRIVATE */

#include <mach/boolean.h>
#include <mach/kern_return.h>

/*
 * Availability macros for KPI functions. Kernel extensions can test this macro
 * to know that garbage_collect_provisioning_profiles() is declared by this
 * header.
 */
#define XNU_SUPPORTS_PROFILE_GARBAGE_COLLECTION 1

/**
 * Enable developer mode on the system. When the system contains a monitor environment,
 * developer mode is turned on by trapping into the appropriate monitor environment.
 */
void
enable_developer_mode(void);

/**
 * Disable developer mode on the system. When the system contains a monitor environment,
 * developer mode is turned off by trapping into the appropriate monitor environment.
 */
void
disable_developer_mode(void);

/**
 * Query the current state of developer mode on the system. This call never traps into
 * the monitor environment because XNU can directly read the monitor's memory.
 *
 * @return true if developer mode is enabled, false otherwise.
 *
 * NOTE(review): the return type is bool, but this header does not include
 * <stdbool.h> itself (only <mach/boolean.h>, which provides boolean_t);
 * presumably bool is already in scope for every includer — confirm.
 */
bool
developer_mode_state(void);

/**
 * Wrapper function which is exposed to kernel extensions. This can be used to trigger
 * a call to the garbage collector for going through and unregistering all unused profiles
 * on the system.
 *
 * Unlike free_provisioning_profiles(), this symbol is part of the KERNEL_PRIVATE
 * KPI and is declared regardless of whether a code-signing monitor is present.
 */
void
garbage_collect_provisioning_profiles(void);

#endif /* KERNEL_PRIVATE */

__END_DECLS
#endif /* _SYS_CODE_SIGNING_H_ */