1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 /* 3 * Copyright (C) 2023, STMicroelectronics - All Rights Reserved 4 */ 5 6 #ifndef STM32_FIREWALL_DEVICE_H 7 #define STM32_FIREWALL_DEVICE_H 8 9 #include <linux/of.h> 10 #include <linux/platform_device.h> 11 #include <linux/types.h> 12 13 #define STM32_FIREWALL_MAX_EXTRA_ARGS 5 14 15 /* Opaque reference to stm32_firewall_controller */ 16 struct stm32_firewall_controller; 17 18 /** 19 * struct stm32_firewall - Information on a device's firewall. Each device can have more than one 20 * firewall. 21 * 22 * @firewall_ctrl: Pointer referencing a firewall controller of the device. It is 23 * opaque so a device cannot manipulate the controller's ops or access 24 * the controller's data 25 * @extra_args: Extra arguments that are implementation dependent 26 * @entry: Name of the firewall entry 27 * @extra_args_size: Number of extra arguments 28 * @firewall_id: Firewall ID associated the device for this firewall controller 29 */ 30 struct stm32_firewall { 31 struct stm32_firewall_controller *firewall_ctrl; 32 u32 extra_args[STM32_FIREWALL_MAX_EXTRA_ARGS]; 33 const char *entry; 34 size_t extra_args_size; 35 u32 firewall_id; 36 }; 37 38 #if IS_ENABLED(CONFIG_STM32_FIREWALL) 39 /** 40 * stm32_firewall_get_firewall - Get the firewall(s) associated to given device. 41 * The firewall controller reference is always the first argument 42 * of each of the access-controller property entries. 43 * The firewall ID is always the second argument of each of the 44 * access-controller property entries. 45 * If there's no argument linked to the phandle, then the firewall ID 46 * field is set to U32_MAX, which is an invalid ID. 47 * 48 * @np: Device node to parse 49 * @firewall: Array of firewall references 50 * @nb_firewall: Number of firewall references to get. Must be at least 1. 51 * 52 * Returns 0 on success, -ENODEV if there's no match with a firewall controller or appropriate errno 53 * code if error occurred. 54 */ 55 int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *firewall, 56 unsigned int nb_firewall); 57 58 /** 59 * stm32_firewall_grant_access - Request firewall access rights and grant access. 60 * 61 * @firewall: Firewall reference containing the ID to check against its firewall 62 * controller 63 * 64 * Returns 0 if access is granted, -EACCES if access is denied, -ENODEV if firewall is null or 65 * appropriate errno code if error occurred 66 */ 67 int stm32_firewall_grant_access(struct stm32_firewall *firewall); 68 69 /** 70 * stm32_firewall_release_access - Release access granted from a call to 71 * stm32_firewall_grant_access(). 72 * 73 * @firewall: Firewall reference containing the ID to check against its firewall 74 * controller 75 */ 76 void stm32_firewall_release_access(struct stm32_firewall *firewall); 77 78 /** 79 * stm32_firewall_grant_access_by_id - Request firewall access rights of a given device 80 * based on a specific firewall ID 81 * 82 * Warnings: 83 * There is no way to ensure that the given ID will correspond to the firewall referenced in the 84 * device node if the ID did not come from stm32_firewall_get_firewall(). In that case, this 85 * function must be used with caution. 86 * This function should be used for subsystem resources that do not have the same firewall ID 87 * as their parent. 88 * U32_MAX is an invalid ID. 89 * 90 * @firewall: Firewall reference containing the firewall controller 91 * @subsystem_id: Firewall ID of the subsystem resource 92 * 93 * Returns 0 if access is granted, -EACCES if access is denied, -ENODEV if firewall is null or 94 * appropriate errno code if error occurred 95 */ 96 int stm32_firewall_grant_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id); 97 98 /** 99 * stm32_firewall_release_access_by_id - Release access granted from a call to 100 * stm32_firewall_grant_access_by_id(). 101 * 102 * Warnings: 103 * There is no way to ensure that the given ID will correspond to the firewall referenced in the 104 * device node if the ID did not come from stm32_firewall_get_firewall(). In that case, this 105 * function must be used with caution. 106 * This function should be used for subsystem resources that do not have the same firewall ID 107 * as their parent. 108 * U32_MAX is an invalid ID. 109 * 110 * @firewall: Firewall reference containing the firewall controller 111 * @subsystem_id: Firewall ID of the subsystem resource 112 */ 113 void stm32_firewall_release_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id); 114 115 #else /* CONFIG_STM32_FIREWALL */ 116 117 int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *firewall, 118 unsigned int nb_firewall); 119 { 120 return -ENODEV; 121 } 122 123 int stm32_firewall_grant_access(struct stm32_firewall *firewall) 124 { 125 return -ENODEV; 126 } 127 128 void stm32_firewall_release_access(struct stm32_firewall *firewall) 129 { 130 } 131 132 int stm32_firewall_grant_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id) 133 { 134 return -ENODEV; 135 } 136 137 void stm32_firewall_release_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id) 138 { 139 } 140 141 #endif /* CONFIG_STM32_FIREWALL */ 142 #endif /* STM32_FIREWALL_DEVICE_H */ 143