1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <lib/hwkey/hwkey.h>
20 #include <lib/tipc/tipc.h>
21 #include <trusty_ipc.h>
22 
23 #include "aidl_service.h"
24 #include "block_device.h"
25 #include "ipc.h"
26 #include "tipc_ns.h"
27 #include "transaction.h"
28 
29 struct rpmb_key;
30 struct block_device_tipc;
31 
32 /**
33  * DOC: File System Identifiers
34  *
35  * These file system names can be used in log messages to distinguish between
36  * operations on different file systems. They are also mapped to identifiers to
37  * report metrics events.
38  *
39  * @file_system_id_td: Tamper detect storage. Rollback or tampering by
40  *                     non-secure code will be detected.
41  * @file_system_id_tdea: Tamper detect early-access storage. Rollback or
42  *                       tampering by non-secure code will be detected.
43  *                       Available before the non-secure OS has booted if
44  *                       supported by the boot loader.
45  * @file_system_id_tdp: Tamper detect persistent storage. Rollback or tampering
46  *                      by non-secure code will be detected. Data will persist
47  *                      across device wipes.
48  * @file_system_id_tp: Tamper proof storage. Non-secure code can prevent read
49  *                     and write operations from succeeding, but it cannot
50  *                     modify on-disk data.
51  * @file_system_id_nsp: Non-secure persistent storage. Deprecated.
52  */
53 extern const char file_system_id_td[];
54 extern const char file_system_id_tdea[];
55 extern const char file_system_id_tdp[];
56 extern const char file_system_id_tp[];
57 extern const char file_system_id_nsp[];
58 
59 /**
60  * struct block_device_rpmb
61  * @state:       Pointer to shared state containing ipc_handle and rpmb_state
62  * @dev:         Block device state
63  * @base:        First block to use in rpmb partition
64  * @is_userdata: Is this RPMB device tied to the state of the userdata
65  * partition?
66  */
67 struct block_device_rpmb {
68     struct block_device dev;
69     struct block_device_tipc* state;
70     uint16_t base;
71     bool is_userdata;
72 };
73 
74 /**
75  * struct block_device_ns
76  * @dev:        Block device state
77  * @state:      Pointer to shared state containing ipc_handle
78  * @ns_handle:  Handle
79  * @is_userdata: Is the backing file for this device in the (non-persistent)
80  *               userdata partition?
81  */
82 struct block_device_ns {
83     struct block_device dev;
84     struct block_device_tipc* state;
85     ns_handle_t ns_handle;
86     bool is_userdata;
87 };
88 
89 struct client_port_context {
90     struct fs* tr_state;
91     struct ipc_port_context client_ctx;
92 };
93 
94 /**
95  * struct block_device_tipc
96  * @ipc_handle
97  */
98 
99 struct block_device_tipc {
100     handle_t ipc_handle;
101     struct rpmb_state* rpmb_state;
102     struct storage_service_aidl_context* aidl_ctx;
103 
104     struct block_device_rpmb dev_rpmb;
105     struct fs tr_state_rpmb;
106     struct client_port_context fs_rpmb;
107     struct client_port_context fs_rpmb_boot;
108 
109 #if HAS_FS_TDP
110     struct block_device_ns dev_ns_tdp;
111     struct block_device_rpmb dev_ns_tdp_rpmb;
112     struct fs tr_state_ns_tdp;
113 #endif
114     struct client_port_context fs_tdp;
115 
116 #if HAS_FS_NSP
117     struct block_device_ns dev_ns_nsp;
118     struct block_device_ns dev_ns_nsp_superblock;
119     struct fs tr_state_ns_nsp;
120 #endif
121     struct client_port_context fs_nsp;
122 
123     struct block_device_ns dev_ns;
124     struct block_device_rpmb dev_ns_rpmb;
125     struct fs tr_state_ns;
126     struct client_port_context fs_ns;
127 };
128 
129 int block_device_tipc_init(struct block_device_tipc* state,
130                            struct tipc_hset* hset,
131                            struct storage_service_aidl_context* aidl_ctx,
132                            handle_t ipc_handle,
133                            const struct key* fs_key,
134                            const struct rpmb_key* rpmb_key,
135                            hwkey_session_t hwkey_session);
136 void block_device_tipc_uninit(struct block_device_tipc* state);
137