Notes re: Exclaves
Apple OSS code
XNU readme contains references to internal ExclaveKit and ExclaveCore platform SDKs:
Add your header file to the correct file list depending on where you want to install it. The default locations where the header files are installed from each file list are -
(...)
j. `EXCLAVEKIT_DATAFILES` : To make header file available to Apple internal ExclaveKit SDK -
`$(DSTROOT)/System/ExclaveKit/usr/include`
k. `EXCLAVECORE_DATAFILES` : To make header file available to Apple internal ExclaveCore SDK -
`$(DSTROOT)/System/ExclaveCore/usr/include`
TARGET_OS_EXCLAVEKIT is used in numerous Darwin repositories (xnu, dyld, objc4, libmalloc, libc) and even swiftlang/swift-foundation, mostly to exclude code from this target.
Internal tool/header references in OSS code
objc4/scripts/exclave-run
ExclavesEngineeringRuntimeInternal.dmg
/Volumes/ExclavesEngineeringRuntimeInternal/System/ExclaveCore/usr/local/bin/prototype-sample-exclavekit-launcher
usr/local/bin/ExclaveVisor (in the internal macOS SDK)
System/ExclaveCore/usr/local/standalone/cL4/l4.EVP.DEBUG (in the internal ExclaveCore-macOS SDK)
Headers referenced by various repos:
"kern/exclaves.tightbeam.h" (not present on github, tightbeam.h referenced by xnu/iokit/Exclaves/Makefile as presumably codegen output, see also https://github.com/upx/upx/issues/612#issuecomment-1819180475)
<Tightbeam/tightbeam.h> and <Tightbeam/tightbeam_private.h>
<xnuproxy/exclaves.h> and <xnuproxy/messages.h>
<xrt_hosted_types/types.h>
Things said by others
Guilherme Rambo on Mastodon:
https://mastodon.social/@_inside/112440596781136013 and
https://mastodon.social/@_inside/112552696723119626 (re: Secure Indicator Light)
Saagar Jha on Hacker News, re: Secure Indicator Light
https://news.ycombinator.com/item?id=40581723
"It’s not a separate chip but a bit of code isolated from the main OS."
"It’s not a physical LED, it’s essentially a piece of software isolated from the OS that draws to the screen"
"Exclaves run on the AP"
"A good starting point for thinking about exclaves is by looking at ARM Realms or how pKVM is designed in Android."
Siguza on infosec.space
"L4 was gone from the AP (as of iOS 8). I think it's only now returning in ExclaveCore in GL1 under SPTM in GL2."
https://infosec.space/@siguza/112539155816247609 - Thread talks about historical uses of L4 in iOS
Asahi Linux IRC
https://oftc.irclog.whitequark.org/asahi-dev/2024-10-24
14:44 <nickchan> sven: Don't think the exclaves stuff is deployed on macOS yet but after that happens running macOS in hypervisor is going to be... interesting to say at least
14:44 <nickchan> especially on m1
14:45 <nickchan> because with exclaves, sptm and txm macOS by default would have stuff in EL2, EL0, GL2, GL1(!) and GL0
14:46 <nickchan> can do nested on m2 at least but m1, uh idk
14:46 <nickchan> I expect m4 macs to get it so we should see soon
14:48 <chaos_princess> Is there a writeup on exclaves anywhere, cause eclecticlight's is kinda... light on the details.
14:52 <nickchan> chaos_princess: Exclave is its own little OS
14:52 <nickchan> cL4 kernel, runs in GL1, called exclaveCore
14:53 <nickchan> exclave userland is called exclaveOS, has a rootfs dmg, dyld, libsystem all that
14:53 <nickchan> I think it's like 230 MB in size at least for M4 iPad
14:53 <chaos_princess> how is it different from the old ppl/whatever it is called now?
14:54 <nickchan> chaos_princess: sptm is the ppl replacement
14:54 <nickchan> both runs in GL2
14:55 <nickchan> the kicker here is that Exclave is essentially SPTM's VM so to run it properly under m1n1 nested virt is required
14:55 <chaos_princess> no i mean, what extra stuff does the exclave thing do, compared to what gl2 did previously?
14:58 <nickchan> note: TXM runs in GL0 too, and in this sense TXM is SPTM's userland
14:59 <nickchan> chaos_princess: Don't think there's much research on that besides eclecticlight's blog
https://oftc.irclog.whitequark.org/asahi-dev/2024-07-14#
08:44 <nickchan> A15-A17: SPTM introduced in iOS 17; M4: SPTM launched with iPadOS 17.5; M2: SPTM introduced in iOS 18/macOS 15
08:45 <nickchan> it is expected that it will eventually be introduced to M1/A14+
08:45 <jannau> sounds like it is part of the exclave handling present for tons of intersting devices in the ipad pro m4 ADT
08:47 <nickchan> yeah every exception level is used now GL2: SPTM; EL2: XNU; GL1: ExclaveCore; EL1: Guest Kernel; GL0: ExclaveOS; EL0: macOS userland
08:47 <nickchan> need SPTM as the hypervisor to run Exclave
Private iOS Frameworks
CoreSpeechExclave.framework
ExclaveFDRDecode.framework (FDR is "Factory Data Restore" and refers to various hardware calibration data being signed as boot objects)
EXDisplayPipe.framework
IsolatedCoreAudioClient.framework (This links Tightbeam)
ISPExclaveKitServices.framework
libmalloc_exclaves_introspector.framework
MobileAssetExclaveServices.framework
SILManager.framework (Links Tightbeam, refers to "Secure Indicator Light"
Tightbeam.framework
Exclave OS/ExclaveKit
Information fromiPhone17,1_18.3.1_22D72_Restore.ipsw
ExclaveOS: Disk image in iOS 18 builds for A18/M4 hardware (doesnt seem to be present in macOS nor pre-2024 device builds yet).
Entire mounted filesystem resides in /System/ExclaveKit/ which is about 500MB uncompressed.
Exclusively dylibs/frameworks - no executables besides System/ExclaveKit/usr/bin/tightbeam_stub. These frameworks are not in any shared cache currently, though this could change if the comment in (1) is telling the truth.
Info plists for bundled frameworks have a target platform of ExclaveKit.iPhoneOS and are built against an exclavekit.iphoneos18.3.internal SDK. The value for DTSDKBuild is blank.
Exclave Core
Tightbeam
Some kind of message passing format. Tightbeam.framework exists in both the main and exclave system disk images.
Discussion in the ATmosphere