1 #ifndef libTrustCache_TypesConfig_h
2 #define libTrustCache_TypesConfig_h
3
4 #include <sys/cdefs.h>
5 __BEGIN_DECLS
6
7 #include <TrustCache/Types.h>
8
9 #if XNU_KERNEL_PRIVATE
10 /*
11 * The AppleImage4 API definitions are accessed through the 'img4if' indirection
12 * layer within XNU itself. Kernel extensions can access them directly from the
13 * AppleImage4 headers.
14 */
15 #include <libkern/img4/interface.h>
16 #endif
17
18 #if !XNU_KERNEL_PRIVATE
19 /*
20 * XNU does not make this header available and uses different availability macros
21 * than kernel extensions or base user-space applications.
22 */
23 #include <TargetConditionals.h>
24 #endif
25
26 #pragma mark Chip Environments
27
28 static const img4_chip_t*
chipEnvironmentPersonalized(void)29 chipEnvironmentPersonalized(void) {
30 return img4_chip_select_personalized_ap();
31 }
32
33 static const img4_chip_t*
chipEnvironmentCategorized(void)34 chipEnvironmentCategorized(void) {
35 return img4_chip_select_categorized_ap();
36 }
37
38 static const img4_chip_t*
chipEnvironmentGlobalFF00(void)39 chipEnvironmentGlobalFF00(void) {
40 return IMG4_CHIP_AP_SOFTWARE_FF00;
41 }
42
43 static const img4_chip_t*
chipEnvironmentGlobalFF01(void)44 chipEnvironmentGlobalFF01(void) {
45 return IMG4_CHIP_AP_SOFTWARE_FF01;
46 }
47
48 static const img4_chip_t*
chipEnvironmentGlobalFF06(void)49 chipEnvironmentGlobalFF06(void) {
50 return IMG4_CHIP_AP_SOFTWARE_FF06;
51 }
52
53 static const img4_chip_t*
chipEnvironmentEphemeralCryptex(void)54 chipEnvironmentEphemeralCryptex(void) {
55 return IMG4_CHIP_AP_SUPPLEMENTAL;
56 }
57
58 static const img4_chip_t*
chipEnvironmentCryptex1Boot(void)59 chipEnvironmentCryptex1Boot(void) {
60 #if IMG4_API_VERSION >= 20211126
61 return img4_chip_select_cryptex1_boot();
62 #else
63 return NULL;
64 #endif
65 }
66
67 static const img4_chip_t*
chipEnvironmentCryptex1PreBoot(void)68 chipEnvironmentCryptex1PreBoot(void) {
69 #if IMG4_API_VERSION >= 20211126
70 return img4_chip_select_cryptex1_preboot();
71 #else
72 return NULL;
73 #endif
74 }
75
76 static const img4_chip_t*
chipEnvironmentCryptex1MobileAsset(void)77 chipEnvironmentCryptex1MobileAsset(void) {
78 #if IMG4_API_VERSION >= 20211126
79 return IMG4_CHIP_CRYPTEX1_ASSET;
80 #else
81 return NULL;
82 #endif
83 }
84
85 static const img4_chip_t*
chipEnvironmentSafariDownlevel(void)86 chipEnvironmentSafariDownlevel(void) {
87 #if IMG4_API_VERSION >= 20211126
88 return IMG4_CHIP_CRYPTEX1_BOOT_REDUCED;
89 #else
90 return NULL;
91 #endif
92 }
93
94 static const img4_chip_t*
chipEnvironmentSupplemental(void)95 chipEnvironmentSupplemental(void) {
96 return IMG4_CHIP_AP_SUPPLEMENTAL;
97 }
98
99 static const img4_chip_t*
chipEnvironmentCryptex1Generic(void)100 chipEnvironmentCryptex1Generic(void) {
101 #if IMG4_API_VERSION >= 20221202
102 return IMG4_CHIP_CRYPTEX1_GENERIC;
103 #else
104 return NULL;
105 #endif
106 }
107
108 static const img4_chip_t*
chipEnvironmentCryptex1GenericSupplemental(void)109 chipEnvironmentCryptex1GenericSupplemental(void) {
110 #if IMG4_API_VERSION >= 20221202
111 return IMG4_CHIP_CRYPTEX1_GENERIC_SUPPLEMENTAL;
112 #else
113 return NULL;
114 #endif
115 }
116
117 #pragma mark Nonce Domains
118
119 static const img4_nonce_domain_t*
nonceDomainTrustCache(void)120 nonceDomainTrustCache(void) {
121 return IMG4_NONCE_DOMAIN_TRUST_CACHE;
122 }
123
124 static const img4_nonce_domain_t*
nonceDomainDDI(void)125 nonceDomainDDI(void) {
126 return IMG4_NONCE_DOMAIN_DDI;
127 }
128
129 static const img4_nonce_domain_t*
nonceDomainCryptex(void)130 nonceDomainCryptex(void) {
131 return IMG4_NONCE_DOMAIN_CRYPTEX;
132 }
133
134 static const img4_nonce_domain_t*
nonceDomainEphemeralCryptex(void)135 nonceDomainEphemeralCryptex(void) {
136 return IMG4_NONCE_DOMAIN_EPHEMERAL_CRYPTEX;
137 }
138
139 static const img4_nonce_domain_t*
nonceDomainPDI(void)140 nonceDomainPDI(void) {
141 return IMG4_NONCE_DOMAIN_PDI;
142 }
143
144 #pragma mark Firmware Flags
145
146 static img4_firmware_flags_t
firmwareFlagsDTRS(void)147 firmwareFlagsDTRS(void) {
148 return IMG4_FIRMWARE_FLAG_RESPECT_AMNM;
149 }
150
151 static img4_firmware_flags_t
firmwareFlagsSplat(void)152 firmwareFlagsSplat(void) {
153 #if XNU_TARGET_OS_OSX && (defined(__arm__) || defined(__arm64__))
154 return IMG4_FIRMWARE_FLAG_SUBSEQUENT_STAGE;
155 #elif defined(TARGET_OS_OSX) && TARGET_OS_OSX && (TARGET_CPU_ARM || TARGET_CPU_ARM64)
156 return IMG4_FIRMWARE_FLAG_SUBSEQUENT_STAGE;
157 #else
158 return IMG4_FIRMWARE_FLAG_INIT;
159 #endif
160 }
161
162 #pragma mark Type Configuration
163
164 typedef struct _TrustCacheTypeConfig {
165 /* Chip environment to use for validation */
166 const img4_chip_t* (*chipEnvironment)(void);
167
168 /* Nonce domain for anti-replay */
169 const img4_nonce_domain_t* (*nonceDomain)(void);
170
171 /* Four CC identifier for this type */
172 img4_4cc_t fourCC;
173
174 /* Firmware flags to add for this configuration */
175 img4_firmware_flags_t (*firmwareFlags)(void);
176
177 /*
178 * Higher level policy imposes restrictions on which process can load
179 * which trust cache. These restrictions are enforced through the use
180 * of the entitlement "com.apple.private.pmap.load-trust-cache". The
181 * value here is the required value of the above entitlement.
182 */
183 const char *entitlementValue;
184 } TrustCacheTypeConfig_t;
185
186 #pragma GCC diagnostic push
187 #pragma GCC diagnostic ignored "-Wfour-char-constants"
188
189 static const TrustCacheTypeConfig_t TCTypeConfig[kTCTypeTotal] = {
190 /* Static trust caches are loaded as raw modules */
191 [kTCTypeStatic] = {
192 .chipEnvironment = NULL,
193 .nonceDomain = NULL,
194 .fourCC = 0,
195 .firmwareFlags = NULL,
196 .entitlementValue = NULL
197 },
198
199 /* Engineering trust caches are loaded as raw modules */
200 [kTCTypeEngineering] = {
201 .chipEnvironment = NULL,
202 .nonceDomain = NULL,
203 .fourCC = 0,
204 .firmwareFlags = NULL,
205 .entitlementValue = NULL
206 },
207
208 /* Legacy trust caches are loaded as raw modules */
209 [kTCTypeLegacy] = {
210 .chipEnvironment = NULL,
211 .nonceDomain = NULL,
212 .fourCC = 0,
213 .firmwareFlags = NULL,
214 .entitlementValue = NULL
215 },
216
217 [kTCTypeDTRS] = {
218 .chipEnvironment = chipEnvironmentPersonalized,
219 .nonceDomain = NULL,
220 .fourCC = 'dtrs',
221 .firmwareFlags = firmwareFlagsDTRS,
222 .entitlementValue = "personalized.engineering-root"
223 },
224
225 [kTCTypeLTRS] = {
226 .chipEnvironment = chipEnvironmentPersonalized,
227 .nonceDomain = nonceDomainTrustCache,
228 .fourCC = 'ltrs',
229 .firmwareFlags = NULL,
230 .entitlementValue = "personalized.trust-cache"
231 },
232
233 [kTCTypePersonalizedDiskImage] = {
234 .chipEnvironment = chipEnvironmentPersonalized,
235 .nonceDomain = nonceDomainPDI,
236 .fourCC = 'ltrs',
237 .firmwareFlags = NULL,
238 .entitlementValue = "personalized.pdi"
239 },
240
241 [kTCTypeDeveloperDiskImage] = {
242 .chipEnvironment = chipEnvironmentCategorized,
243 .nonceDomain = nonceDomainDDI,
244 .fourCC = 'trdv',
245 .firmwareFlags = NULL,
246 .entitlementValue = "personalized.ddi"
247 },
248
249 [kTCTypeLTRSWithDDINonce] = {
250 .chipEnvironment = chipEnvironmentPersonalized,
251 .nonceDomain = nonceDomainDDI,
252 .fourCC = 'ltrs',
253 .firmwareFlags = NULL,
254 .entitlementValue = "personalized.ddi"
255 },
256
257 [kTCTypeCryptex] = {
258 .chipEnvironment = chipEnvironmentPersonalized,
259 .nonceDomain = nonceDomainCryptex,
260 .fourCC = 'ltrs',
261 .firmwareFlags = NULL,
262 .entitlementValue = "personalized.cryptex-research"
263 },
264
265 [kTCTypeEphemeralCryptex] = {
266 .chipEnvironment = chipEnvironmentEphemeralCryptex,
267 .nonceDomain = nonceDomainEphemeralCryptex,
268 .fourCC = 'ltrs',
269 .firmwareFlags = NULL,
270 .entitlementValue = "personalized.ephemeral-cryptex"
271 },
272
273 [kTCTypeUpdateBrain] = {
274 .chipEnvironment = chipEnvironmentGlobalFF00,
275 .nonceDomain = NULL,
276 .fourCC = 'ltrs',
277 .firmwareFlags = NULL,
278 .entitlementValue = "global.ota-update-brain"
279 },
280
281 [kTCTypeInstallAssistant] = {
282 .chipEnvironment = chipEnvironmentGlobalFF01,
283 .nonceDomain = NULL,
284 .fourCC = 'ltrs',
285 .firmwareFlags = NULL,
286 .entitlementValue = "global.install-assistant"
287 },
288
289 [kTCTypeBootabilityBrain] = {
290 .chipEnvironment = chipEnvironmentGlobalFF06,
291 .nonceDomain = NULL,
292 .fourCC = 'trbb',
293 .firmwareFlags = NULL,
294 .entitlementValue = "global.bootability-brain"
295 },
296
297 [kTCTypeCryptex1BootOS] = {
298 .chipEnvironment = chipEnvironmentCryptex1Boot,
299 .nonceDomain = NULL,
300 .fourCC = 'trcs',
301 .firmwareFlags = firmwareFlagsSplat,
302 .entitlementValue = "cryptex1.boot.os"
303 },
304
305 [kTCTypeCryptex1BootApp] = {
306 .chipEnvironment = chipEnvironmentCryptex1Boot,
307 .nonceDomain = NULL,
308 .fourCC = 'trca',
309 .firmwareFlags = firmwareFlagsSplat,
310 .entitlementValue = "cryptex1.boot.app"
311 },
312
313 [kTCTypeCryptex1PreBootApp] = {
314 .chipEnvironment = chipEnvironmentCryptex1PreBoot,
315 .nonceDomain = NULL,
316 .fourCC = 'trca',
317 .firmwareFlags = firmwareFlagsSplat,
318 .entitlementValue = "cryptex1.preboot.app"
319 },
320
321 [kTCTypeGlobalDiskImage] = {
322 .chipEnvironment = chipEnvironmentGlobalFF00,
323 .nonceDomain = NULL,
324 .fourCC = 'ltrs',
325 .firmwareFlags = NULL,
326 .entitlementValue = "global.pdi"
327 },
328
329 [kTCTypeMobileAssetBrain] = {
330 .chipEnvironment = chipEnvironmentCryptex1MobileAsset,
331 .nonceDomain = NULL,
332 .fourCC = 'trab',
333 .firmwareFlags = NULL,
334 .entitlementValue = "personalized.mobile-asset-brain"
335 },
336
337 [kTCTypeSafariDownlevel] = {
338 .chipEnvironment = chipEnvironmentSafariDownlevel,
339 .nonceDomain = NULL,
340 .fourCC = 'trca',
341 .firmwareFlags = NULL,
342 .entitlementValue = "cryptex1.safari-downlevel"
343 },
344
345 [kTCTypeCryptex1PreBootOS] = {
346 .chipEnvironment = chipEnvironmentCryptex1PreBoot,
347 .nonceDomain = NULL,
348 .fourCC = 'trcs',
349 .firmwareFlags = firmwareFlagsSplat,
350 .entitlementValue = "cryptex1.preboot.os"
351 },
352
353 [kTCTypeSupplementalPersistent] = {
354 .chipEnvironment = chipEnvironmentSupplemental,
355 .nonceDomain = nonceDomainDDI,
356 .fourCC = 'ltrs',
357 .firmwareFlags = NULL,
358 .entitlementValue = "personalized.supplemental-persistent"
359 },
360
361 [kTCTypeSupplementalEphemeral] = {
362 .chipEnvironment = chipEnvironmentSupplemental,
363 .nonceDomain = nonceDomainPDI,
364 .fourCC = 'ltrs',
365 .firmwareFlags = NULL,
366 .entitlementValue = "personalized.supplemental-ephemeral"
367 },
368
369 [kTCTypeCryptex1Generic] = {
370 .chipEnvironment = chipEnvironmentCryptex1Generic,
371 .nonceDomain = NULL,
372 .fourCC = 'gtcd',
373 .firmwareFlags = NULL,
374 .entitlementValue = "cryptex1.generic"
375 },
376
377 [kTCTypeCryptex1GenericSupplemental] = {
378 .chipEnvironment = chipEnvironmentCryptex1GenericSupplemental,
379 .nonceDomain = NULL,
380 .fourCC = 'gtcd',
381 .firmwareFlags = NULL,
382 .entitlementValue = "cryptex1.generic.supplemental"
383 },
384
385 [kTCTypeMobileAssetBrainEphemeral] = {
386 .chipEnvironment = chipEnvironmentCryptex1MobileAsset,
387 .nonceDomain = nonceDomainPDI,
388 .fourCC = 'trab',
389 .firmwareFlags = NULL,
390 .entitlementValue = "personalized.mobile-asset-brain"
391 },
392 };
393
394 #pragma GCC diagnostic pop
395
396 __END_DECLS
397 #endif /* libTrustCache_TypesConfig_h */
398