X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/d9a64523371fa019c4575bb400cbbc3a50ac9903..refs/heads/master:/osfmk/kern/cs_blobs.h?ds=inline
diff --git a/osfmk/kern/cs_blobs.h b/osfmk/kern/cs_blobs.h
index cafafcaff..899a6a27f 100644
--- a/osfmk/kern/cs_blobs.h
+++ b/osfmk/kern/cs_blobs.h
@@ -29,6 +29,8 @@
 #ifndef _KERN_CODESIGN_H_
 #define _KERN_CODESIGN_H_
+#include 
+
 /* code signing attributes of a process */
 #define CS_VALID 0x00000001 /* dynamically valid */
 #define CS_ADHOC 0x00000002 /* ad hoc signed */
@@ -48,10 +50,11 @@
 #define CS_ENTITLEMENTS_VALIDATED 0x00004000 /* code signature permits restricted entitlements */
 #define CS_NVRAM_UNRESTRICTED 0x00008000 /* has com.apple.rootless.restricted-nvram-variables.heritable entitlement */
-#define CS_RUNTIME 0x00010000 /* Apply hardened runtime policies */
+#define CS_RUNTIME 0x00010000 /* Apply hardened runtime policies */
+#define CS_LINKER_SIGNED 0x00020000 /* Automatically signed by the linker */
 #define CS_ALLOWED_MACHO (CS_ADHOC | CS_HARD | CS_KILL | CS_CHECK_EXPIRATION | \
- CS_RESTRICT | CS_ENFORCEMENT | CS_REQUIRE_LV | CS_RUNTIME)
+ CS_RESTRICT | CS_ENFORCEMENT | CS_REQUIRE_LV | CS_RUNTIME | CS_LINKER_SIGNED)
 #define CS_EXEC_SET_HARD 0x00100000 /* set CS_HARD on any exec'ed process */
 #define CS_EXEC_SET_KILL 0x00200000 /* set CS_KILL on any exec'ed process */
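Review bot: CS_LINKER_SIGNED is placed into CS_ALLOWED_MACHO on the last changed line of the second hunk, which makes the bit acceptable from the Mach-O's own CodeDirectory flags rather than something the kernel derives, yet its comment only states provenance. A reader of csflags therefore cannot tell from this header that the bit is self-asserted and should not by itself be treated as a stronger trust level than the other CS_ALLOWED_MACHO bits; whether the kernel cross-checks it elsewhere is not visible in this hunk. I would extend the definition to `#define CS_LINKER_SIGNED 0x00020000 /* Automatically signed by the linker; settable by the binary itself (CS_ALLOWED_MACHO), not a trust signal on its own */`. If the flag is only meaningful in combination with CS_ADHOC, the comment should say that too (my inference from the name; confirm).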
@@ -72,33 +75,35 @@ /* executable segment flags */
-#define CS_EXECSEG_MAIN_BINARY 0x1 /* executable segment denotes main binary */
-#define CS_EXECSEG_ALLOW_UNSIGNED 0x10 /* allow unsigned pages (for debugging) */
-#define CS_EXECSEG_DEBUGGER 0x20 /* main binary is debugger */
-#define CS_EXECSEG_JIT 0x40 /* JIT enabled */
-#define CS_EXECSEG_SKIP_LV 0x80 /* OBSOLETE: skip library validation */
-#define CS_EXECSEG_CAN_LOAD_CDHASH 0x100 /* can bless cdhash for execution */
-#define CS_EXECSEG_CAN_EXEC_CDHASH 0x200 /* can execute blessed cdhash */
+#define CS_EXECSEG_MAIN_BINARY 0x1 /* executable segment denotes main binary */
+#define CS_EXECSEG_ALLOW_UNSIGNED 0x10 /* allow unsigned pages (for debugging) */
+#define CS_EXECSEG_DEBUGGER 0x20 /* main binary is debugger */
+#define CS_EXECSEG_JIT 0x40 /* JIT enabled */
+#define CS_EXECSEG_SKIP_LV 0x80 /* OBSOLETE: skip library validation */
+#define CS_EXECSEG_CAN_LOAD_CDHASH 0x100 /* can bless cdhash for execution */
+#define CS_EXECSEG_CAN_EXEC_CDHASH 0x200 /* can execute blessed cdhash */
 /*
  * Magic numbers used by Code Signing
  */
 enum {
- CSMAGIC_REQUIREMENT = 0xfade0c00, /* single Requirement blob */
- CSMAGIC_REQUIREMENTS = 0xfade0c01, /* Requirements vector (internal requirements) */
- CSMAGIC_CODEDIRECTORY = 0xfade0c02, /* CodeDirectory blob */
+ CSMAGIC_REQUIREMENT = 0xfade0c00, /* single Requirement blob */
+ CSMAGIC_REQUIREMENTS = 0xfade0c01, /* Requirements vector (internal requirements) */
+ CSMAGIC_CODEDIRECTORY = 0xfade0c02, /* CodeDirectory blob */
  CSMAGIC_EMBEDDED_SIGNATURE = 0xfade0cc0, /* embedded form of signature data */
- CSMAGIC_EMBEDDED_SIGNATURE_OLD = 0xfade0b02, /* XXX */
- CSMAGIC_EMBEDDED_ENTITLEMENTS = 0xfade7171, /* embedded entitlements */
+ CSMAGIC_EMBEDDED_SIGNATURE_OLD = 0xfade0b02, /* XXX */
+ CSMAGIC_EMBEDDED_ENTITLEMENTS = 0xfade7171, /* embedded entitlements */
  CSMAGIC_DETACHED_SIGNATURE = 0xfade0cc1, /* multi-arch collection of embedded signatures */
- CSMAGIC_BLOBWRAPPER = 0xfade0b01, /* CMS Signature, among other things */
+ CSMAGIC_BLOBWRAPPER = 0xfade0b01, /* CMS Signature, among other things */
  CS_SUPPORTSSCATTER = 0x20100,
  CS_SUPPORTSTEAMID = 0x20200,
  CS_SUPPORTSCODELIMIT64 = 0x20300,
  CS_SUPPORTSEXECSEG = 0x20400,
+ CS_SUPPORTSRUNTIME = 0x20500,
+ CS_SUPPORTSLINKAGE = 0x20600,
- CSSLOT_CODEDIRECTORY = 0, /* slot index for CodeDirectory */
+ CSSLOT_CODEDIRECTORY = 0, /* slot index for CodeDirectory */
  CSSLOT_INFOSLOT = 1,
  CSSLOT_REQUIREMENTS = 2,
  CSSLOT_RESOURCEDIR = 3,
@@ -106,15 +111,15 @@ enum {
  CSSLOT_ENTITLEMENTS = 5,
  CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000, /* first alternate CodeDirectory, if any */
- CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, /* max number of alternate CD slots */
+ CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, /* max number of alternate CD slots */
  CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX, /* one past the last */
- CSSLOT_SIGNATURESLOT = 0x10000, /* CMS Signature */
+ CSSLOT_SIGNATURESLOT = 0x10000, /* CMS Signature */
  CSSLOT_IDENTIFICATIONSLOT = 0x10001,
  CSSLOT_TICKETSLOT = 0x10002,
- CSTYPE_INDEX_REQUIREMENTS = 0x00000002, /* compat with amfi */
- CSTYPE_INDEX_ENTITLEMENTS = 0x00000005, /* compat with amfi */
+ CSTYPE_INDEX_REQUIREMENTS = 0x00000002, /* compat with amfi */
+ CSTYPE_INDEX_ENTITLEMENTS = 0x00000005, /* compat with amfi */
  CS_HASHTYPE_SHA1 = 1,
  CS_HASHTYPE_SHA256 = 2,
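Review bot: The two new version constants `CS_SUPPORTSRUNTIME = 0x20500` and `CS_SUPPORTSLINKAGE = 0x20600` are added without a comment, while the fields they gate are only identifiable by the `/* Version 0x20500 */` and `/* Version 0x20600 */` comments inside the CS_CodeDirectory layout in a later hunk. A parser has to pair the numeric version with the matching end_with* marker by hand, which is exactly the place where an off-by-one version check lets an undersized blob be read past its end. I would annotate them here: `CS_SUPPORTSRUNTIME = 0x20500, /* adds runtime, preEncryptOffset (end_withPreEncryptOffset) */` and `CS_SUPPORTSLINKAGE = 0x20600, /* adds linkage* fields (end_withLinkage) */`. The enum this hunk edits begins and continues outside the hunk.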
@@ -125,15 +130,20 @@ enum {
  CS_SHA256_LEN = 32,
  CS_SHA256_TRUNCATED_LEN = 20,
- CS_CDHASH_LEN = 20, /* always - larger hashes are truncated */
+ CS_CDHASH_LEN = 20, /* always - larger hashes are truncated */
  CS_HASH_MAX_SIZE = 48, /* max size of the hash we'll support */
  /*
- * Currently only to support Legacy VPN plugins,
+ * Currently only to support Legacy VPN plugins, and Mac App Store
  * but intended to replace all the various platform code, dev code etc. bits.
  */
  CS_SIGNER_TYPE_UNKNOWN = 0,
  CS_SIGNER_TYPE_LEGACYVPN = 5,
+ CS_SIGNER_TYPE_MAC_APP_STORE = 6,
+
+ CS_SUPPL_SIGNER_TYPE_UNKNOWN = 0,
+ CS_SUPPL_SIGNER_TYPE_TRUSTCACHE = 7,
+ CS_SUPPL_SIGNER_TYPE_LOCAL = 8,
 };
 #define KERNEL_HAVE_CS_CODEDIRECTORY 1
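Review bot: `CS_SUPPL_SIGNER_TYPE_UNKNOWN = 0` reuses the value that `CS_SIGNER_TYPE_UNKNOWN` already has in the same anonymous enum, and `CS_SUPPL_SIGNER_TYPE_TRUSTCACHE = 7` / `CS_SUPPL_SIGNER_TYPE_LOCAL = 8` continue the numbering right after the new `CS_SIGNER_TYPE_MAC_APP_STORE = 6`, which suggests the two families share one value space, but nothing in the hunk says so. Without that statement a reader may assume the supplemental values are an independent sequence and compare a supplemental type against a primary one, or start future supplemental values from 1. I would put `/* supplemental signer types share the CS_SIGNER_TYPE_* value space; 0 means none/unknown in both */` above `CS_SUPPL_SIGNER_TYPE_UNKNOWN` (this is my inference from the numbering; confirm against the code that assigns these). The edited comment also reads better as `* Currently only to support Legacy VPN plugins and the Mac App Store,`.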
@@ -143,41 +153,54 @@ enum {
  * C form of a CodeDirectory.
  */
 typedef struct __CodeDirectory {
- uint32_t magic; /* magic number (CSMAGIC_CODEDIRECTORY) */
- uint32_t length; /* total length of CodeDirectory blob */
- uint32_t version; /* compatibility version */
- uint32_t flags; /* setup and mode flags */
- uint32_t hashOffset; /* offset of hash slot element at index zero */
- uint32_t identOffset; /* offset of identifier string */
- uint32_t nSpecialSlots; /* number of special hash slots */
- uint32_t nCodeSlots; /* number of ordinary (code) hash slots */
- uint32_t codeLimit; /* limit to main image signature range */
- uint8_t hashSize; /* size of each hash in bytes */
- uint8_t hashType; /* type of hash (cdHashType* constants) */
- uint8_t platform; /* platform identifier; zero if not platform binary */
- uint8_t pageSize; /* log2(page size in bytes); 0 => infinite */
- uint32_t spare2; /* unused (must be zero) */
+ uint32_t magic; /* magic number (CSMAGIC_CODEDIRECTORY) */
+ uint32_t length; /* total length of CodeDirectory blob */
+ uint32_t version; /* compatibility version */
+ uint32_t flags; /* setup and mode flags */
+ uint32_t hashOffset; /* offset of hash slot element at index zero */
+ uint32_t identOffset; /* offset of identifier string */
+ uint32_t nSpecialSlots; /* number of special hash slots */
+ uint32_t nCodeSlots; /* number of ordinary (code) hash slots */
+ uint32_t codeLimit; /* limit to main image signature range */
+ uint8_t hashSize; /* size of each hash in bytes */
+ uint8_t hashType; /* type of hash (cdHashType* constants) */
+ uint8_t platform; /* platform identifier; zero if not platform binary */
+ uint8_t pageSize; /* log2(page size in bytes); 0 => infinite */
+ uint32_t spare2; /* unused (must be zero) */
  char end_earliest[0]; /* Version 0x20100 */
- uint32_t scatterOffset; /* offset of optional scatter vector */
+ uint32_t scatterOffset; /* offset of optional scatter vector */
  char end_withScatter[0]; /* Version 0x20200 */
- uint32_t teamOffset; /* offset of optional team identifier */
+ uint32_t teamOffset; /* offset of optional team identifier */
  char end_withTeam[0]; /* Version 0x20300 */
- uint32_t spare3; /* unused (must be zero) */
- uint64_t codeLimit64; /* limit to main image signature range, 64 bits */
+ uint32_t spare3; /* unused (must be zero) */
+ uint64_t codeLimit64; /* limit to main image signature range, 64 bits */
  char end_withCodeLimit64[0]; /* Version 0x20400 */
- uint64_t execSegBase; /* offset of executable segment */
- uint64_t execSegLimit; /* limit of executable segment */
- uint64_t execSegFlags; /* executable segment flags */
+ uint64_t execSegBase; /* offset of executable segment */
+ uint64_t execSegLimit; /* limit of executable segment */
+ uint64_t execSegFlags; /* executable segment flags */
  char end_withExecSeg[0];
+ /* Version 0x20500 */
+ uint32_t runtime;
+ uint32_t preEncryptOffset;
+ char end_withPreEncryptOffset[0];
+
+ /* Version 0x20600 */
+ uint8_t linkageHashType;
+ uint8_t linkageTruncated;
+ uint16_t spare4;
+ uint32_t linkageOffset;
+ uint32_t linkageSize;
+ char end_withLinkage[0];
+
  /* followed by dynamic content as located by offset fields above */
 } CS_CodeDirectory
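Review bot: The new fields under `/* Version 0x20500 */` and `/* Version 0x20600 */` are the only members of CS_CodeDirectory with no per-field comment, and `linkageOffset`/`linkageSize` are an offset/length pair read out of a blob that comes from the binary being loaded, so the parser has to bound them against `length` exactly as it does for hashOffset and identOffset. Nothing in the struct says that these members are only present when `version` is at least CS_SUPPORTSRUNTIME / CS_SUPPORTSLINKAGE, or what `runtime`, `preEncryptOffset`, `linkageHashType`, `linkageTruncated` and `spare4` hold; the rest of the layout documents the spare fields as `/* unused (must be zero) */`. I would comment each new field in the existing style, e.g. `uint32_t linkageOffset; /* offset of linkage data; only valid when version >= CS_SUPPORTSLINKAGE and linkageOffset + linkageSize <= length */`, `uint32_t linkageSize; /* length of linkage data */` and `uint16_t spare4; /* unused (must be zero) */` if that is the intent, and give `runtime` and `preEncryptOffset` a purpose line (what they encode is not visible here; whoever lands this should fill it in). The trailing `__attribute__ ((aligned(1)));` of this typedef is outside the hunk.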
@@ -188,33 +211,33 @@ __attribute__ ((aligned(1)));
  */
 typedef struct __BlobIndex {
- uint32_t type; /* type of entry */
- uint32_t offset; /* offset of entry */
+ uint32_t type; /* type of entry */
+ uint32_t offset; /* offset of entry */
 } CS_BlobIndex __attribute__ ((aligned(1)));
 typedef struct __SC_SuperBlob {
- uint32_t magic; /* magic number */
- uint32_t length; /* total length of SuperBlob */
- uint32_t count; /* number of index entries following */
- CS_BlobIndex index[]; /* (count) entries */
+ uint32_t magic; /* magic number */
+ uint32_t length; /* total length of SuperBlob */
+ uint32_t count; /* number of index entries following */
+ CS_BlobIndex index[]; /* (count) entries */
  /* followed by Blobs in no particular order as indicated by offsets in index */
 } CS_SuperBlob __attribute__ ((aligned(1)));
 #define KERNEL_HAVE_CS_GENERICBLOB 1
 typedef struct __SC_GenericBlob {
- uint32_t magic; /* magic number */
- uint32_t length; /* total length of blob */
+ uint32_t magic; /* magic number */
+ uint32_t length; /* total length of blob */
  char data[];
 } CS_GenericBlob __attribute__ ((aligned(1)));
 typedef struct __SC_Scatter {
- uint32_t count; // number of pages; zero for sentinel (only)
- uint32_t base; // first page number
- uint64_t targetOffset; // offset in target
- uint64_t spare; // reserved
+ uint32_t count; // number of pages; zero for sentinel (only)
+ uint32_t base; // first page number
+ uint64_t targetOffset; // offset in target
+ uint64_t spare; // reserved
 } SC_Scatter __attribute__ ((aligned(1)));