kernel_samsung_a53x/include/sdp/dd_i.h

/*
 * File: include/sdp/dd.h
 *
 * Samsung dual DAR driver cache I/O relay to user space daemon interface
 *
 * Author: Olic Moon <olic.moon@samsung.com>
 */

#ifndef INCLUDE_SDP_DD_I_H_
#define INCLUDE_SDP_DD_I_H_

#include <linux/ioctl.h>

#define DDAR_DRIVER_VERSION_0	0	// SEC_PRODUCT_FEATURE_KNOX_CONFIG_DUALDAR_VERSION: NULL
#define DDAR_DRIVER_VERSION_1	1	// SEC_PRODUCT_FEATURE_KNOX_CONFIG_DUALDAR_VERSION: 1.0.1
/**
 * Use AES-CBC mode for en/decrypting data in DualDAR samsung-crypto.
 * In case of FOTA update, maintain AES-XTS mode.
 */
#define DDAR_DRIVER_VERSION_2	2
#define DDAR_DRIVER_VERISON_CURRENT (DDAR_DRIVER_VERSION_2)

#define DD_KEY_DESC_PREFIX		"ddar:"
#define DD_KEY_DESC_PREFIX_LEN 	5

#define DD_POLICY_ENABLED				(0x01)
#define DD_POLICY_USER_SPACE_CRYPTO 	(0x02)
#define DD_POLICY_KERNEL_CRYPTO 		(0x04)
#define DD_POLICY_GID_RESTRICTION		(0x08)
#define DD_POLICY_SKIP_DECRYPTION_INNER	(0x10)
#define DD_POLICY_SKIP_DECRYPTION_OUTER	(0x20)
#define DD_POLICY_TRACE_FILE			(0x40)
#define DD_POLICY_SECURE_ERASE			(0x80)

#define AID_VENDOR_DDAR_DE_ACCESS		(5300)
struct dd_policy {
	char version; // dualdar feature version
	char userid; // Android userid
	short flags; // policy flags
} __attribute__((__packed__));


static inline int dd_policy_enabled(char flags)
{
	return (flags & DD_POLICY_ENABLED) ? 1:0;
}

static inline int dd_policy_user_space_crypto(char flags)
{
	return (flags & DD_POLICY_USER_SPACE_CRYPTO) ? 1:0;
}

static inline int dd_policy_kernel_crypto(char flags)
{
	return (flags & DD_POLICY_KERNEL_CRYPTO) ? 1:0;
}

static inline int dd_policy_encrypted(char flags)
{
	if (dd_policy_user_space_crypto(flags) || dd_policy_kernel_crypto(flags))
		return 1;

	return 0;
}

static inline int dd_policy_gid_restriction(char flags)
{
	return (flags & DD_POLICY_GID_RESTRICTION) ? 1:0;
}

static inline int dd_policy_secure_erase(char flags)
{
	return (flags & DD_POLICY_SECURE_ERASE) ? 1:0;
}

static inline int dd_policy_skip_decryption_inner_and_outer(char flags)
{
	return ((flags & DD_POLICY_SKIP_DECRYPTION_INNER) ? 1:0)
			&& ((flags & DD_POLICY_SKIP_DECRYPTION_OUTER) ? 1:0);
}

static inline int dd_policy_skip_decryption_inner(char flags)
{
	return (flags & DD_POLICY_SKIP_DECRYPTION_INNER) ? 1:0;
}

static inline int dd_policy_trace_file(char flags)
{
	return (flags & DD_POLICY_TRACE_FILE) ? 1:0;
}

typedef enum {
	DD_ENCRYPT = 0,
	DD_DECRYPT,
} dd_crypto_direction_t;

typedef enum {
	DD_REQ_INVALID = 0,
	DD_REQ_PREPARE = 1,
	DD_REQ_CRYPTO_BIO = 2,
	DD_REQ_CRYPTO_PAGE = 3
} dd_request_code_t;

typedef enum {
	DD_RES_INVALID = 0,
	DD_RES_SUCCESS,
	DD_RES_FAILED,
} dd_response_code_t;

// BUG_ON(sizeof(struct metadata_hdr) != METADATA_HEADER_LEN)
#define METADATA_HEADER_LEN		64
struct metadata_hdr {
	unsigned long ino;
	unsigned char userid;
	unsigned char initialized;
	unsigned char reserved[54];
} __attribute__((__packed__));

struct dd_user_req {
    unsigned unique;
	char version;
	char userid;
	short policy_flag;
	unsigned long ino;
	dd_request_code_t code;

	union {
		struct {
			dd_crypto_direction_t rw;
			unsigned long index;
			unsigned long plain_addr;
			unsigned long cipher_addr;
		} bio;
		struct {
			unsigned long md_addr;
		} prepare;
	} u;
};

#define MAX_NUM_INO_PER_USER_REQUEST 64
#define MAX_NUM_CONTROL_PAGE 16
#define MAX_NUM_REQUEST_PER_CONTROL 64
struct dd_mmap_control {
	unsigned num_requests;
	struct dd_user_req requests[MAX_NUM_REQUEST_PER_CONTROL];
} __attribute__((__packed__));

struct dd_mmap_area {
	unsigned long start;
	unsigned long size;
} __attribute__((__packed__));

struct dd_mmap_layout {
	unsigned page_size;
	unsigned page_num_limit;
	struct dd_mmap_area control_area;
	struct dd_mmap_area metadata_area;
	struct dd_mmap_area plaintext_page_area;
	struct dd_mmap_area ciphertext_page_area;
} __attribute__((__packed__));

#define DD_METADATA_NAME "dd_metadata"
/**
 * ioctl flags
 */
#define DD_IOCTL_GET_DEBUG_MASK			_IO('O', 0x01)
#define DD_IOCTL_GET_MMAP_LAYOUT		_IO('O', 0x02)
#define DD_IOCTL_DUMP_REQ_LIST			_IO('O', 0x03)
#define DD_IOCTL_ABORT_PENDING_REQ_TIMEOUT _IO('O', 0x04)
#define DD_IOCTL_UPDATE_LOCK_STATE		_IO('L', 0x01)
#define DD_IOCTL_GET_LOCK_STATE			_IOR('L', 0x02, unsigned int) /* KNOX_SUPPORT_DAR_DUAL_DO */
#define DD_IOCTL_REGISTER_CRYPTO_TASK	_IO('C', 0x10)
#define DD_IOCTL_UNREGISTER_CRYPTO_TASK	_IO('C', 0x20)
#define DD_IOCTL_WAIT_CRYPTO_REQUEST	_IO('C', 0x01)
#define DD_IOCTL_SUBMIT_CRYPTO_RESULT	_IO('C', 0x02)
#define DD_IOCTL_ABORT_CRYPTO_REQUEST	_IO('C', 0x03)
#define DD_IOCTL_GET_XATTR				_IO('M', 0x01)
#define DD_IOCTL_SET_XATTR				_IO('M', 0x02)
#define DD_IOCTL_ADD_KEY				_IO('K', 0x01)
#define DD_IOCTL_EVICT_KEY				_IO('K', 0x02)
#define DD_IOCTL_DUMP_KEY				_IO('K', 0x03)
#define DD_IOCTL_SKIP_DECRYPTION_BOTH	_IO('K', 0x04)
#define DD_IOCTL_SKIP_DECRYPTION_INNER	_IO('K', 0x05)
#define DD_IOCTL_NO_SKIP_DECRYPTION		_IO('K', 0x06)
#define DD_IOCTL_TRACE_DDAR_FILE		_IO('K', 0x07)
#define DD_IOCTL_SEND_LOG				_IO('D', 0x01)

//#define EXT4_IOC_GET_DD_POLICY			_IO('P', 0x00)
//#define EXT4_IOC_SET_DD_POLICY			_IO('P', 0x01)
//#define FS_IOC_GET_DD_POLICY			_IO('P', 0x00)
//#define FS_IOC_SET_DD_POLICY			_IO('P', 0x01)

#define MAX_XATTR_NAME_LEN 32
#define MAX_XATTR_LEN 128
struct dd_user_resp {
	unsigned long ino;
	int err;
};

static inline int get_user_resp_err(struct dd_user_resp *err, int num_err, unsigned long ino)
{
	int i;
	if (num_err <= MAX_NUM_REQUEST_PER_CONTROL) {
		for (i = 0; i < num_err; i++)
			if (err[i].ino == ino)
				return err[i].err;
	}

	return -ENOENT;
}

#define DD_LOGBUF_MAX (256)
struct dd_ioc {
	union {
		struct {
			int num_control_page;
			int num_metadata_page;
		} crypto_request;
		struct {
			int num_err;
			struct dd_user_resp err[MAX_NUM_INO_PER_USER_REQUEST];
		} crypto_response;
		struct {
			unsigned long ino;
			char name[MAX_XATTR_NAME_LEN];
			char value[MAX_XATTR_LEN];
			unsigned int size;
		} xattr;
		struct {
			int state;
		} lock;
		struct {
			unsigned short userid;
			unsigned char key[128];
			unsigned short len;
		} add_key;
		struct {
			unsigned short userid;
		} evict_key;
		struct {
			unsigned short userid;
			int fileDescriptor;
		} dump_key;
		struct {
			unsigned short userid;
			unsigned short mask;
			unsigned char buf[DD_LOGBUF_MAX];
		} log_msg;
		struct dd_mmap_layout layout;
		unsigned int debug_mask;
		int user_error;
	} u;
} __attribute__((__packed__));

enum {
	DD_DEBUG_ERROR		= 1U << 0,
	DD_DEBUG_INFO		= 1U << 1,
	DD_DEBUG_VERBOSE	= 1U << 2,
	DD_DEBUG_MEMDUMP	= 1U << 3,
	DD_DEBUG_MEMORY		= 1U << 4,
	DD_DEBUG_BENCHMARK	= 1U << 5,
	DD_DEBUG_PROCESS	= 1U << 6,
	DD_DEBUG_CALL_STACK	= 1U << 7,
};

#endif /* INCLUDE_SDP_DD_I_H_ */