include/sdp/dd_i.h - LeafOS-Devices/android_kernel_samsung_exynos9820 - Gitiles

 /*
  * File: include/sdp/dd.h
  *
  * Samsung dual DAR driver cache I/O relay to user space daemon interface
  *
  * Author: Olic Moon <olic.moon@samsung.com>
  */

 #ifndef INCLUDE_SDP_DD_I_H_
 #define INCLUDE_SDP_DD_I_H_

 #include <linux/ioctl.h>

 #define DDAR_DRIVER_VERSION_0	0	// SEC_PRODUCT_FEATURE_KNOX_CONFIG_DUALDAR_VERSION: NULL
 #define DDAR_DRIVER_VERSION_1	1	// SEC_PRODUCT_FEATURE_KNOX_CONFIG_DUALDAR_VERSION: 1.0.1
 /**
  * Use AES-CBC mode for en/decrypting data in DualDAR samsung-crypto.
  * In case of FOTA update, maintain AES-XTS mode.
  */
 #define DDAR_DRIVER_VERSION_2	2
 #define DDAR_DRIVER_VERISON_CURRENT (DDAR_DRIVER_VERSION_2)

 #define DD_KEY_DESC_PREFIX		"ddar:"
 #define DD_KEY_DESC_PREFIX_LEN 	5

 #define DD_POLICY_ENABLED				(0x01)
 #define DD_POLICY_USER_SPACE_CRYPTO 	(0x02)
 #define DD_POLICY_KERNEL_CRYPTO 		(0x04)
 #define DD_POLICY_GID_RESTRICTION		(0x08)
 #define DD_POLICY_SKIP_DECRYPTION_INNER	(0x10)
 #define DD_POLICY_SKIP_DECRYPTION_OUTER	(0x20)
 #define DD_POLICY_TRACE_FILE			(0x40)
 #define DD_POLICY_SECURE_ERASE			(0x80)

 #define AID_VENDOR_DDAR_DE_ACCESS		(5300)
 struct dd_policy {
 	char version; // dualdar feature version
 	char userid; // Android userid
 	short flags; // policy flags
 }__attribute__((__packed__));


 static inline int dd_policy_enabled(char flags) {
 	return (flags & DD_POLICY_ENABLED) ? 1:0;
 }

 static inline int dd_policy_user_space_crypto(char flags) {
 	return (flags & DD_POLICY_USER_SPACE_CRYPTO) ? 1:0;
 }

 static inline int dd_policy_kernel_crypto(char flags) {
 	return (flags & DD_POLICY_KERNEL_CRYPTO) ? 1:0;
 }

 static inline int dd_policy_encrypted(char flags) {
 	if (dd_policy_user_space_crypto(flags) || dd_policy_kernel_crypto(flags))
 		return 1;

 	return 0;
 }

 static inline int dd_policy_gid_restriction(char flags) {
 	return (flags & DD_POLICY_GID_RESTRICTION) ? 1:0;
 }

 static inline int dd_policy_secure_erase(char flags) {
 	return (flags & DD_POLICY_SECURE_ERASE) ? 1:0;
 }

 static inline int dd_policy_skip_decryption_inner_and_outer(char flags) {
 	return ((flags & DD_POLICY_SKIP_DECRYPTION_INNER) ? 1:0)
 			&& ((flags & DD_POLICY_SKIP_DECRYPTION_OUTER) ? 1:0);
 }

 static inline int dd_policy_skip_decryption_inner(char flags) {
 	return (flags & DD_POLICY_SKIP_DECRYPTION_INNER) ? 1:0;
 }

 static inline int dd_policy_trace_file(char flags) {
 	return (flags & DD_POLICY_TRACE_FILE) ? 1:0;
 }

 typedef enum {
 	DD_ENCRYPT = 0,
 	DD_DECRYPT,
 }dd_crypto_direction_t;

 typedef enum {
     DD_REQ_INVALID = 0,
 	DD_REQ_PREPARE = 1,
 	DD_REQ_CRYPTO_BIO = 2,
     DD_REQ_CRYPTO_PAGE = 3
 }dd_request_code_t;

 typedef enum {
     DD_RES_INVALID = 0,
     DD_RES_SUCCESS,
     DD_RES_FAILED,
 }dd_response_code_t;

 // BUG_ON(sizeof(struct metadata_hdr) != METADATA_HEADER_LEN)
 #define METADATA_HEADER_LEN		64
 struct metadata_hdr {
 	unsigned long ino;
 	unsigned char userid;
 	unsigned char initialized;
 	unsigned char reserved[54];
 }__attribute__((__packed__));

 struct dd_user_req {
     unsigned unique;
 	char version;
 	char userid;
 	short policy_flag;
 	unsigned long ino;
 	dd_request_code_t code;

 	union {
 		struct {
 			dd_crypto_direction_t rw;
 			unsigned long index;
 			unsigned long plain_addr;
 			unsigned long cipher_addr;
 		}bio;
 		struct {
 			unsigned long md_addr;
 		}prepare;
 	} u;
 };

 #define MAX_NUM_INO_PER_USER_REQUEST 64
 #define MAX_NUM_CONTROL_PAGE 8
 #define MAX_NUM_REQUEST_PER_CONTROL 64
 struct dd_mmap_control {
     unsigned num_requests;
     struct dd_user_req requests[MAX_NUM_REQUEST_PER_CONTROL];
 }__attribute__((__packed__));

 struct dd_mmap_area {
 	unsigned long start;
 	unsigned long size;
 }__attribute__((__packed__));

 struct dd_mmap_layout {
 	unsigned page_size;
 	unsigned page_num_limit;
 	struct dd_mmap_area control_area;
 	struct dd_mmap_area metadata_area;
 	struct dd_mmap_area plaintext_page_area;
 	struct dd_mmap_area ciphertext_page_area;
 }__attribute__((__packed__));

 #define DD_METADATA_NAME "dd_metadata"
 /**
  * ioctl flags
  */
 #define DD_IOCTL_GET_DEBUG_MASK			_IO('O', 0x01)
 #define DD_IOCTL_GET_MMAP_LAYOUT		_IO('O', 0x02)
 #define DD_IOCTL_DUMP_REQ_LIST			_IO('O', 0x03)
 #define DD_IOCTL_ABORT_PENDING_REQ_TIMEOUT _IO('O', 0x04)
 #define DD_IOCTL_UPDATE_LOCK_STATE		_IO('L', 0x01)
 #define DD_IOCTL_REGISTER_CRYPTO_TASK	_IO('C', 0x10)
 #define DD_IOCTL_UNREGISTER_CRYPTO_TASK	_IO('C', 0x20)
 #define DD_IOCTL_WAIT_CRYPTO_REQUEST	_IO('C', 0x01)
 #define DD_IOCTL_SUBMIT_CRYPTO_RESULT	_IO('C', 0x02)
 #define DD_IOCTL_ABORT_CRYPTO_REQUEST	_IO('C', 0x03)
 #define DD_IOCTL_GET_XATTR				_IO('M', 0x01)
 #define DD_IOCTL_SET_XATTR				_IO('M', 0x02)
 #define DD_IOCTL_ADD_KEY				_IO('K', 0x01)
 #define DD_IOCTL_EVICT_KEY				_IO('K', 0x02)
 #define DD_IOCTL_DUMP_KEY				_IO('K', 0x03)
 #define DD_IOCTL_SKIP_DECRYPTION_BOTH	_IO('K', 0x04)
 #define DD_IOCTL_SKIP_DECRYPTION_INNER	_IO('K', 0x05)
 #define DD_IOCTL_NO_SKIP_DECRYPTION		_IO('K', 0x06)
 #define DD_IOCTL_TRACE_DDAR_FILE		_IO('K', 0x07)
 #define DD_IOCTL_SEND_LOG				_IO('D', 0x01)

 //#define EXT4_IOC_GET_DD_POLICY			_IO('P', 0x00)
 //#define EXT4_IOC_SET_DD_POLICY			_IO('P', 0x01)
 //#define FS_IOC_GET_DD_POLICY			_IO('P', 0x00)
 //#define FS_IOC_SET_DD_POLICY			_IO('P', 0x01)

 #define MAX_XATTR_NAME_LEN 32
 #define MAX_XATTR_LEN 128
 struct dd_user_resp {
 	unsigned long ino;
 	int err;
 };

 static inline int get_user_resp_err(struct dd_user_resp *err, int num_err, unsigned long ino) {
 	int i;
 	for(i=0 ; i<num_err ; i++)
 		if (err[i].ino == ino)
 			return err[i].err;

 	return -ENOENT;
 }

 #define DD_LOGBUF_MAX (256)
 struct dd_ioc {
 	union {
 		struct {
 			int num_control_page;
 			int num_metadata_page;
 		}crypto_request;
 		struct {
 			int num_err;
 			struct dd_user_resp err[MAX_NUM_INO_PER_USER_REQUEST];
 		}crypto_response;
 		struct {
 			unsigned long ino;
 			char name[MAX_XATTR_NAME_LEN];
 			char value[MAX_XATTR_LEN];
 			unsigned int size;
 		}xattr;
 		struct {
 			int state;
 		}lock;
 		struct {
 			unsigned short userid;
 			unsigned char key[128];
 			unsigned short len;
 		}add_key;
 		struct {
 			unsigned short userid;
 		}evict_key;
 		struct {
 			unsigned short userid;
 			int fileDescriptor;
 		}dump_key;
 		struct {
 			unsigned short userid;
 			unsigned short mask;
 			unsigned char buf[DD_LOGBUF_MAX];
 		}log_msg;
 		struct dd_mmap_layout layout;
 		unsigned int debug_mask;
 		int user_error;
 	} u;
 }__attribute__((__packed__));

 enum {
 	DD_DEBUG_ERROR		= 1U << 0,
 	DD_DEBUG_INFO		= 1U << 1,
 	DD_DEBUG_VERBOSE	= 1U << 2,
 	DD_DEBUG_MEMDUMP	= 1U << 3,
 	DD_DEBUG_MEMORY		= 1U << 4,
 	DD_DEBUG_BENCHMARK	= 1U << 5,
 	DD_DEBUG_PROCESS	= 1U << 6,
 	DD_DEBUG_CALL_STACK	= 1U << 7,
 };

 #endif /* INCLUDE_SDP_DD_I_H_ */
	/*
	* File: include/sdp/dd.h
	*
	* Samsung dual DAR driver cache I/O relay to user space daemon interface
	*
	* Author: Olic Moon <olic.moon@samsung.com>
	*/

	#ifndef INCLUDE_SDP_DD_I_H_
	#define INCLUDE_SDP_DD_I_H_

	#include <linux/ioctl.h>

	#define DDAR_DRIVER_VERSION_0 0 // SEC_PRODUCT_FEATURE_KNOX_CONFIG_DUALDAR_VERSION: NULL
	#define DDAR_DRIVER_VERSION_1 1 // SEC_PRODUCT_FEATURE_KNOX_CONFIG_DUALDAR_VERSION: 1.0.1
	/**
	* Use AES-CBC mode for en/decrypting data in DualDAR samsung-crypto.
	* In case of FOTA update, maintain AES-XTS mode.
	*/
	#define DDAR_DRIVER_VERSION_2 2
	#define DDAR_DRIVER_VERISON_CURRENT (DDAR_DRIVER_VERSION_2)

	#define DD_KEY_DESC_PREFIX "ddar:"
	#define DD_KEY_DESC_PREFIX_LEN 5

	#define DD_POLICY_ENABLED (0x01)
	#define DD_POLICY_USER_SPACE_CRYPTO (0x02)
	#define DD_POLICY_KERNEL_CRYPTO (0x04)
	#define DD_POLICY_GID_RESTRICTION (0x08)
	#define DD_POLICY_SKIP_DECRYPTION_INNER (0x10)
	#define DD_POLICY_SKIP_DECRYPTION_OUTER (0x20)
	#define DD_POLICY_TRACE_FILE (0x40)
	#define DD_POLICY_SECURE_ERASE (0x80)

	#define AID_VENDOR_DDAR_DE_ACCESS (5300)
	struct dd_policy {
	char version; // dualdar feature version
	char userid; // Android userid
	short flags; // policy flags
	}__attribute__((__packed__));


	static inline int dd_policy_enabled(char flags) {
	return (flags & DD_POLICY_ENABLED) ? 1:0;
	}

	static inline int dd_policy_user_space_crypto(char flags) {
	return (flags & DD_POLICY_USER_SPACE_CRYPTO) ? 1:0;
	}

	static inline int dd_policy_kernel_crypto(char flags) {
	return (flags & DD_POLICY_KERNEL_CRYPTO) ? 1:0;
	}

	static inline int dd_policy_encrypted(char flags) {
	if (dd_policy_user_space_crypto(flags) \|\| dd_policy_kernel_crypto(flags))
	return 1;

	return 0;
	}

	static inline int dd_policy_gid_restriction(char flags) {
	return (flags & DD_POLICY_GID_RESTRICTION) ? 1:0;
	}

	static inline int dd_policy_secure_erase(char flags) {
	return (flags & DD_POLICY_SECURE_ERASE) ? 1:0;
	}

	static inline int dd_policy_skip_decryption_inner_and_outer(char flags) {
	return ((flags & DD_POLICY_SKIP_DECRYPTION_INNER) ? 1:0)
	&& ((flags & DD_POLICY_SKIP_DECRYPTION_OUTER) ? 1:0);
	}

	static inline int dd_policy_skip_decryption_inner(char flags) {
	return (flags & DD_POLICY_SKIP_DECRYPTION_INNER) ? 1:0;
	}

	static inline int dd_policy_trace_file(char flags) {
	return (flags & DD_POLICY_TRACE_FILE) ? 1:0;
	}

	typedef enum {
	DD_ENCRYPT = 0,
	DD_DECRYPT,
	}dd_crypto_direction_t;

	typedef enum {
	DD_REQ_INVALID = 0,
	DD_REQ_PREPARE = 1,
	DD_REQ_CRYPTO_BIO = 2,
	DD_REQ_CRYPTO_PAGE = 3
	}dd_request_code_t;

	typedef enum {
	DD_RES_INVALID = 0,
	DD_RES_SUCCESS,
	DD_RES_FAILED,
	}dd_response_code_t;

	// BUG_ON(sizeof(struct metadata_hdr) != METADATA_HEADER_LEN)
	#define METADATA_HEADER_LEN 64
	struct metadata_hdr {
	unsigned long ino;
	unsigned char userid;
	unsigned char initialized;
	unsigned char reserved[54];
	}__attribute__((__packed__));

	struct dd_user_req {
	unsigned unique;
	char version;
	char userid;
	short policy_flag;
	unsigned long ino;
	dd_request_code_t code;

	union {
	struct {
	dd_crypto_direction_t rw;
	unsigned long index;
	unsigned long plain_addr;
	unsigned long cipher_addr;
	}bio;
	struct {
	unsigned long md_addr;
	}prepare;
	} u;
	};

	#define MAX_NUM_INO_PER_USER_REQUEST 64
	#define MAX_NUM_CONTROL_PAGE 8
	#define MAX_NUM_REQUEST_PER_CONTROL 64
	struct dd_mmap_control {
	unsigned num_requests;
	struct dd_user_req requests[MAX_NUM_REQUEST_PER_CONTROL];
	}__attribute__((__packed__));

	struct dd_mmap_area {
	unsigned long start;
	unsigned long size;
	}__attribute__((__packed__));

	struct dd_mmap_layout {
	unsigned page_size;
	unsigned page_num_limit;
	struct dd_mmap_area control_area;
	struct dd_mmap_area metadata_area;
	struct dd_mmap_area plaintext_page_area;
	struct dd_mmap_area ciphertext_page_area;
	}__attribute__((__packed__));

	#define DD_METADATA_NAME "dd_metadata"
	/**
	* ioctl flags
	*/
	#define DD_IOCTL_GET_DEBUG_MASK _IO('O', 0x01)
	#define DD_IOCTL_GET_MMAP_LAYOUT _IO('O', 0x02)
	#define DD_IOCTL_DUMP_REQ_LIST _IO('O', 0x03)
	#define DD_IOCTL_ABORT_PENDING_REQ_TIMEOUT _IO('O', 0x04)
	#define DD_IOCTL_UPDATE_LOCK_STATE _IO('L', 0x01)
	#define DD_IOCTL_REGISTER_CRYPTO_TASK _IO('C', 0x10)
	#define DD_IOCTL_UNREGISTER_CRYPTO_TASK _IO('C', 0x20)
	#define DD_IOCTL_WAIT_CRYPTO_REQUEST _IO('C', 0x01)
	#define DD_IOCTL_SUBMIT_CRYPTO_RESULT _IO('C', 0x02)
	#define DD_IOCTL_ABORT_CRYPTO_REQUEST _IO('C', 0x03)
	#define DD_IOCTL_GET_XATTR _IO('M', 0x01)
	#define DD_IOCTL_SET_XATTR _IO('M', 0x02)
	#define DD_IOCTL_ADD_KEY _IO('K', 0x01)
	#define DD_IOCTL_EVICT_KEY _IO('K', 0x02)
	#define DD_IOCTL_DUMP_KEY _IO('K', 0x03)
	#define DD_IOCTL_SKIP_DECRYPTION_BOTH _IO('K', 0x04)
	#define DD_IOCTL_SKIP_DECRYPTION_INNER _IO('K', 0x05)
	#define DD_IOCTL_NO_SKIP_DECRYPTION _IO('K', 0x06)
	#define DD_IOCTL_TRACE_DDAR_FILE _IO('K', 0x07)
	#define DD_IOCTL_SEND_LOG _IO('D', 0x01)

	//#define EXT4_IOC_GET_DD_POLICY _IO('P', 0x00)
	//#define EXT4_IOC_SET_DD_POLICY _IO('P', 0x01)
	//#define FS_IOC_GET_DD_POLICY _IO('P', 0x00)
	//#define FS_IOC_SET_DD_POLICY _IO('P', 0x01)

	#define MAX_XATTR_NAME_LEN 32
	#define MAX_XATTR_LEN 128
	struct dd_user_resp {
	unsigned long ino;
	int err;
	};

	static inline int get_user_resp_err(struct dd_user_resp *err, int num_err, unsigned long ino) {
	int i;
	for(i=0 ; i<num_err ; i++)
	if (err[i].ino == ino)
	return err[i].err;

	return -ENOENT;
	}

	#define DD_LOGBUF_MAX (256)
	struct dd_ioc {
	union {
	struct {
	int num_control_page;
	int num_metadata_page;
	}crypto_request;
	struct {
	int num_err;
	struct dd_user_resp err[MAX_NUM_INO_PER_USER_REQUEST];
	}crypto_response;
	struct {
	unsigned long ino;
	char name[MAX_XATTR_NAME_LEN];
	char value[MAX_XATTR_LEN];
	unsigned int size;
	}xattr;
	struct {
	int state;
	}lock;
	struct {
	unsigned short userid;
	unsigned char key[128];
	unsigned short len;
	}add_key;
	struct {
	unsigned short userid;
	}evict_key;
	struct {
	unsigned short userid;
	int fileDescriptor;
	}dump_key;
	struct {
	unsigned short userid;
	unsigned short mask;
	unsigned char buf[DD_LOGBUF_MAX];
	}log_msg;
	struct dd_mmap_layout layout;
	unsigned int debug_mask;
	int user_error;
	} u;
	}__attribute__((__packed__));

	enum {
	DD_DEBUG_ERROR = 1U << 0,
	DD_DEBUG_INFO = 1U << 1,
	DD_DEBUG_VERBOSE = 1U << 2,
	DD_DEBUG_MEMDUMP = 1U << 3,
	DD_DEBUG_MEMORY = 1U << 4,
	DD_DEBUG_BENCHMARK = 1U << 5,
	DD_DEBUG_PROCESS = 1U << 6,
	DD_DEBUG_CALL_STACK = 1U << 7,
	};

	#endif /* INCLUDE_SDP_DD_I_H_ */