/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (C) 2024, STMicroelectronics
 */

#ifndef __DRIVERS_FIREWALL_H
#define __DRIVERS_FIREWALL_H

#include <compiler.h>
#include <drivers/firewall_device.h>
#include <mm/core_memprot.h>
#include <stdbool.h>
#include <stddef.h>
#include <tee_api_defines.h>
#include <types_ext.h>

struct firewall_controller_ops;

/**
 * struct firewall_controller - Firewall controller instance that supplies
 * firewall services
 *
 * @ops: Handlers implemented by the controller driver
 * @name: Controller name
 * @base: Controller base address
 * @priv: Data private to the controller driver
 */
struct firewall_controller {
	const struct firewall_controller_ops *ops;
	const char *name;
	struct io_pa_va *base;
	void *priv;
};

/**
 * struct firewall_controller_ops - Handlers a firewall controller provides
 *
 * Handlers declared with a TEE_Result return type report their outcome
 * through that value. The two release handlers return nothing.
 *
 * @set_conf: Applies the given firewall configuration
 * @check_access: Checks a consumer's access to a resource against the
 * firewall controller
 * @acquire_access: Acquires access for OP-TEE to a resource against the
 * firewall controller
 * @release_access: Releases what a consumer took when access was obtained
 * through @acquire_access
 * @check_memory_access: Checks a consumer's read and/or write access to a
 * memory range covered by the firewall controller
 * @acquire_memory_access: Acquires read and/or write access for OP-TEE to a
 * memory range covered by the firewall controller
 * @release_memory_access: Releases what a consumer took when memory access
 * was obtained through @acquire_memory_access
 * @set_memory_conf: Sets the access rights of a physical memory range
 *
 * NOTE(review): this header does not say whether a controller may leave a
 * handler NULL; confirm against the framework before calling through @ops
 * without a check.
 *
 * NOTE(review): the memory-range handlers take the range as a plain
 * paddr/size pair and nothing visible here bounds it, so range validation
 * (including paddr + size wrap-around) presumably belongs to each
 * implementation - confirm.
 */
struct firewall_controller_ops {
	/* Resource-based handlers: the query alone identifies the target */
	TEE_Result (*set_conf)(struct firewall_query *conf);
	TEE_Result (*check_access)(struct firewall_query *conf);
	TEE_Result (*acquire_access)(struct firewall_query *conf);
	void (*release_access)(struct firewall_query *conf);

	/* Memory-range handlers: the target is the range given by paddr/size */
	TEE_Result (*check_memory_access)(struct firewall_query *fw,
					  paddr_t paddr, size_t size,
					  bool read, bool write);
	TEE_Result (*acquire_memory_access)(struct firewall_query *fw,
					    paddr_t paddr, size_t size,
					    bool read, bool write);
	void (*release_memory_access)(struct firewall_query *fw,
				      paddr_t paddr, size_t size,
				      bool read, bool write);
	TEE_Result (*set_memory_conf)(struct firewall_query *fw,
				      paddr_t paddr, size_t size);
};

#if defined(CFG_DRIVERS_FIREWALL)
/**
 * firewall_dt_controller_register() - Register a firewall controller to the
 * firewall framework
 * @fdt: FDT to work on
 * @node: DT node of the controller
 * @ctrl: Firewall controller to register
 *
 * Return: a TEE_Result value. The result should be checked rather than
 * assumed: in builds without CFG_DRIVERS_FIREWALL this function is a stub
 * that registers nothing.
 */
TEE_Result firewall_dt_controller_register(const void *fdt, int node,
					   struct firewall_controller *ctrl);

#else /* !CFG_DRIVERS_FIREWALL */

/*
 * Stub used when the firewall framework is compiled out. It ignores every
 * argument, registers nothing and always returns TEE_ERROR_NOT_IMPLEMENTED,
 * so a caller that drops the result would carry on with no controller in
 * place.
 */
static inline TEE_Result
firewall_dt_controller_register(const void *fdt __unused, int node __unused,
				struct firewall_controller *ctrl __unused)
{
	return TEE_ERROR_NOT_IMPLEMENTED;
}
#endif /* CFG_DRIVERS_FIREWALL */
#endif /* __DRIVERS_FIREWALL_H */