Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / mobicore / refs/heads/fp2-sibon-2.0.1 / . / include / Public / mc_linux.h
blob: 98e7af1dae8fe2ed3c5f2dbfd28bded5ced20e0a [file] [log] [blame]
/*
* The MobiCore Driver Kernel Module is a Linux device driver, which represents
* the command proxy on the lowest layer to the secure world (Swd). Additional
* services like memory allocation via mmap and generation of a MMU tables for
* given virtual memory are also supported. IRQ functionality receives
* information from the SWd in the non secure world (NWd).
* As customary the driver is handled as linux device driver with "open",
* "close" and "ioctl" commands. Access to the driver is possible after the
* device "/dev/mobicore" has been opened.
* The MobiCore Driver Kernel Module must be installed via
* "insmod mcDrvModule.ko".
*
* <-- Copyright Giesecke & Devrient GmbH 2010-2012 -->
* <-- Copyright Trustonic Limited 2013 -->
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
* GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _MC_LINUX_H_
#define _MC_LINUX_H_
#include "version.h"
#ifndef __KERNEL__
#include <stdint.h>
#endif
#define MC_ADMIN_DEVNODE "mobicore"
#define MC_USER_DEVNODE "mobicore-user"
/*
* Data exchange structure of the MC_DRV_MODULE_INIT ioctl command.
* INIT request data to SWD
*/
struct mc_ioctl_init {
/* length of notification queue */
uint32_t nq_length;
/* mcp buffer start/length [16:16] [start, length] */
uint32_t mcp_offset;
/* length of mcp buffer */
uint32_t mcp_length;
};
/*
* Data exchange structure of the MC_DRV_MODULE_INFO ioctl command.
* INFO request data to the SWD
*/
struct mc_ioctl_info {
uint32_t ext_info_id; /* extended info ID */
uint32_t state; /* state */
uint32_t ext_info; /* extended info */
};
/*
* Data exchange structure of the MC_IO_MAP_WSM and MC_IO_MAP_MCI commands.
*
* Allocate a contiguous memory buffer for a process.
* The physical address can be used as for later calls to mmap.
* The handle can be used to communicate about this buffer to the Daemon.
* For MC_IO_MAP_MCI command, the reused field indicates that MCI was set up
* already. I.e. Daemon was restarted.
*/
struct mc_ioctl_map {
size_t len; /* Buffer length */
uint32_t handle; /* WSM handle */
uint64_t phys_addr; /* physical address of WSM (or 0) */
unsigned long addr; /* Virtual address */
bool reused; /* if WSM memory was reused, or new allocated */
};
/*
* Data exchange structure of the MC_IO_REG_WSM command.
*
* Allocates a physical MMU table and maps the buffer into this page.
* Returns the physical address of the MMU table.
* The page alignment will be created and the appropriated pSize and pOffsetMMU
* will be modified to the used values.
*/
struct mc_ioctl_reg_wsm {
uint32_t buffer; /* base address of the virtual address */
uint32_t len; /* size of the virtual address space */
uint32_t pid; /* process id */
uint32_t handle; /* driver handle for locked memory */
uint64_t table_phys; /* physical address of the MMU table */
};
/*
* Data exchange structure of the MC_IO_RESOLVE_CONT_WSM ioctl command.
*/
struct mc_ioctl_resolv_cont_wsm {
/* driver handle for buffer */
uint32_t handle;
/* length memory */
uint32_t length;
/* base address of memory */
uint64_t phys;
/* fd to owner of the buffer */
int32_t fd;
};
/*
* Data exchange structure of the MC_IO_RESOLVE_WSM ioctl command.
*/
struct mc_ioctl_resolv_wsm {
/* driver handle for buffer */
uint32_t handle;
/* fd to owner of the buffer */
int32_t fd;
/* base address of memory */
uint64_t phys;
};
/*
* defines for the ioctl mobicore driver module function call from user space.
*/
/* MobiCore IOCTL magic number */
#define MC_IOC_MAGIC 'M'
#define MC_IO_INIT _IOWR(MC_IOC_MAGIC, 0, struct mc_ioctl_init)
#define MC_IO_INFO _IOWR(MC_IOC_MAGIC, 1, struct mc_ioctl_info)
#define MC_IO_VERSION _IOR(MC_IOC_MAGIC, 2, uint32_t)
/*
* ioctl parameter to send the YIELD command to the SWD.
* Only possible in Privileged Mode.
* ioctl(fd, MC_DRV_MODULE_YIELD)
*/
#define MC_IO_YIELD _IO(MC_IOC_MAGIC, 3)
/*
* ioctl parameter to send the NSIQ signal to the SWD.
* Only possible in Privileged Mode
* ioctl(fd, MC_DRV_MODULE_NSIQ)
*/
#define MC_IO_NSIQ _IO(MC_IOC_MAGIC, 4)
/*
* Free's memory which is formerly allocated by the driver's mmap
* command. The parameter must be this mmaped address.
* The internal instance data regarding to this address are deleted as
* well as each according memory page and its appropriated reserved bit
* is cleared (ClearPageReserved).
* Usage: ioctl(fd, MC_DRV_MODULE_FREE, &address) with address being of
* type long address
*/
#define MC_IO_FREE _IO(MC_IOC_MAGIC, 5)
/*
* Creates a MMU Table of the given base address and the size of the
* data.
* Parameter: mc_ioctl_reg_wsm
*/
#define MC_IO_REG_WSM _IOWR(MC_IOC_MAGIC, 6, struct mc_ioctl_reg_wsm)
#define MC_IO_UNREG_WSM _IO(MC_IOC_MAGIC, 7)
#define MC_IO_LOCK_WSM _IO(MC_IOC_MAGIC, 8)
#define MC_IO_UNLOCK_WSM _IO(MC_IOC_MAGIC, 9)
/*
* Allocate contiguous memory for a process for later mapping with mmap.
* MC_IO_MAP_WSM usual operation, pages are registered in
* device structure and freed later.
* MC_IO_MAP_MCI get Instance of MCI, allocates or mmaps
* the MCI to daemon
*/
#define MC_IO_MAP_WSM _IOWR(MC_IOC_MAGIC, 11, struct mc_ioctl_map)
#define MC_IO_MAP_MCI _IOWR(MC_IOC_MAGIC, 12, struct mc_ioctl_map)
/*
* Clean orphaned WSM buffers. Only available to the daemon and should
* only be carried out if the TLC crashes or otherwise calls exit() in
* an unexpected manner.
* The clean is needed together with the lock/unlock mechanism so the daemon
* has clear control of the mapped buffers so it can close a Trustlet before
* release all the WSM buffers, otherwise the Trustlet would be able to write
* to possibly kernel memory areas
*/
#define MC_IO_CLEAN_WSM _IO(MC_IOC_MAGIC, 14)
/*
* Get MMU phys address of a buffer handle allocated to the user.
* Only available to the daemon.
*/
#define MC_IO_RESOLVE_WSM _IOWR(MC_IOC_MAGIC, 15, \
struct mc_ioctl_resolv_wsm)
/*
* Get the phys address & length of a allocated contiguous buffer.
* Only available to the daemon */
#define MC_IO_RESOLVE_CONT_WSM _IOWR(MC_IOC_MAGIC, 16, \
struct mc_ioctl_resolv_cont_wsm)
/*
* Setup the mem traces when called.
* Only available to the daemon */
#define MC_IO_LOG_SETUP _IO(MC_IOC_MAGIC, 17)
#endif /* _MC_LINUX_H_ */