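/*
 * Copyright (C) 2015-2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

#include <stdint.h>

/*
 * Storage port names
 * @STORAGE_CLIENT_TD_PORT:   Port used by clients that require tamper and
 *                            rollback detection.
 * @STORAGE_CLIENT_TDEA_PORT: Port used by clients that require storage before
 *                            the non-secure os has booted.
 * @STORAGE_CLIENT_TP_PORT:   Port used by clients that require tamper proof
 *                            storage. Note that non-secure code can prevent
 *                            read and write operations from succeeding, but
 *                            it cannot modify on-disk data.
 * @STORAGE_DISK_PROXY_PORT:  Port used by non-secure proxy server
 *
 * NOTE(review): the peer on STORAGE_DISK_PROXY_PORT is non-secure code, so
 * every header field and payload byte received there should be treated as
 * untrusted input and validated before use.
 */
#define STORAGE_CLIENT_TD_PORT "com.android.trusty.storage.client.td"
#define STORAGE_CLIENT_TDEA_PORT "com.android.trusty.storage.client.tdea"
#define STORAGE_CLIENT_TP_PORT "com.android.trusty.storage.client.tp"
#define STORAGE_DISK_PROXY_PORT "com.android.trusty.storage.proxy"

/**
 * enum storage_cmd - command codes carried in storage_msg.cmd
 * @STORAGE_REQ_SHIFT:       left shift applied to every request number below
 * @STORAGE_RESP_BIT:        bit 0, left clear by the shift in every request
 *                           code defined here
 * @STORAGE_RESP_MSG_ERR:    equal to STORAGE_RESP_BIT alone
 * @STORAGE_FILE_DELETE:     see struct storage_file_delete_req
 * @STORAGE_FILE_OPEN:       see struct storage_file_open_req
 * @STORAGE_FILE_CLOSE:      see struct storage_file_close_req
 * @STORAGE_FILE_READ:       see struct storage_file_read_req
 * @STORAGE_FILE_WRITE:      see struct storage_file_write_req
 * @STORAGE_FILE_GET_SIZE:   see struct storage_file_get_size_req
 * @STORAGE_FILE_SET_SIZE:   see struct storage_file_set_size_req
 * @STORAGE_RPMB_SEND:       see struct storage_rpmb_send_req
 * @STORAGE_END_TRANSACTION: ends the current transaction; the only way to
 *                           clear STORAGE_ERR_TRANSACT
 *
 * NOTE(review): presumably a response carries the request code with
 * STORAGE_RESP_BIT set - confirm against the server implementation. A
 * receiver should reject any cmd value that is not listed here.
 */
enum storage_cmd {
    STORAGE_REQ_SHIFT = 1,
    STORAGE_RESP_BIT = 1,

    STORAGE_RESP_MSG_ERR = STORAGE_RESP_BIT,

    STORAGE_FILE_DELETE = 1 << STORAGE_REQ_SHIFT,
    STORAGE_FILE_OPEN = 2 << STORAGE_REQ_SHIFT,
    STORAGE_FILE_CLOSE = 3 << STORAGE_REQ_SHIFT,
    STORAGE_FILE_READ = 4 << STORAGE_REQ_SHIFT,
    STORAGE_FILE_WRITE = 5 << STORAGE_REQ_SHIFT,
    STORAGE_FILE_GET_SIZE = 6 << STORAGE_REQ_SHIFT,
    STORAGE_FILE_SET_SIZE = 7 << STORAGE_REQ_SHIFT,

    STORAGE_RPMB_SEND = 8 << STORAGE_REQ_SHIFT,

    /* transaction support */
    STORAGE_END_TRANSACTION = 9 << STORAGE_REQ_SHIFT,
};

/**
 * enum storage_err - error codes for storage protocol
 * @STORAGE_NO_ERROR:          all OK
 * @STORAGE_ERR_GENERIC:       unknown error. Can occur when there's an internal
 *                             server error, e.g. the server runs out of memory
 *                             or is in a bad state.
 * @STORAGE_ERR_NOT_VALID:     input not valid. May occur if the arguments
 *                             passed into the command are not valid, for
 *                             example if the file handle passed in is not a
 *                             valid one.
 * @STORAGE_ERR_UNIMPLEMENTED: the command passed in is not recognized
 * @STORAGE_ERR_ACCESS:        the file is not accessible in the requested mode
 * @STORAGE_ERR_NOT_FOUND:     the file was not found
 * @STORAGE_ERR_EXIST:         the file exists when it shouldn't, as with
 *                             OPEN_CREATE | OPEN_EXCLUSIVE.
 * @STORAGE_ERR_TRANSACT:      returned by various operations to indicate that
 *                             the current transaction is in an error state.
 *                             That state can only be cleared by sending a
 *                             STORAGE_END_TRANSACTION message.
 */
enum storage_err {
    STORAGE_NO_ERROR = 0,
    STORAGE_ERR_GENERIC = 1,
    STORAGE_ERR_NOT_VALID = 2,
    STORAGE_ERR_UNIMPLEMENTED = 3,
    STORAGE_ERR_ACCESS = 4,
    STORAGE_ERR_NOT_FOUND = 5,
    STORAGE_ERR_EXIST = 6,
    STORAGE_ERR_TRANSACT = 7,
};

/**
 * enum storage_file_delete_flag - flags for controlling delete semantics
 * @STORAGE_FILE_DELETE_MASK: mask of supported delete flags. It is 0 because
 *                            no delete flag is defined, so any set bit in a
 *                            delete request's flags falls outside the mask.
 */
enum storage_file_delete_flag {
    STORAGE_FILE_DELETE_MASK = 0,
};

/**
 * enum storage_file_open_flag - Flags to control 'open' semantics.
 * @STORAGE_FILE_OPEN_CREATE:           if this file does not exist, create it.
 * @STORAGE_FILE_OPEN_CREATE_EXCLUSIVE: causes STORAGE_FILE_OPEN_CREATE to fail
 *                                      if the file already exists. Only
 *                                      meaningful if used in combination with
 *                                      STORAGE_FILE_OPEN_CREATE.
 * @STORAGE_FILE_OPEN_TRUNCATE:         if this file already exists, discard
 *                                      existing content and open it as a new
 *                                      file. No change in semantics if the
 *                                      file does not exist.
 * @STORAGE_FILE_OPEN_MASK:             mask for all open flags supported in
 *                                      current protocol. All other bits must
 *                                      be set to 0.
 */
enum storage_file_open_flag {
    STORAGE_FILE_OPEN_CREATE = (1 << 0),
    STORAGE_FILE_OPEN_CREATE_EXCLUSIVE = (1 << 1),
    STORAGE_FILE_OPEN_TRUNCATE = (1 << 2),
    STORAGE_FILE_OPEN_MASK = STORAGE_FILE_OPEN_CREATE |
                             STORAGE_FILE_OPEN_TRUNCATE |
                             STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
};

/**
 * enum storage_msg_flag - protocol-level flags in struct storage_msg
 * @STORAGE_MSG_FLAG_BATCH:                 if set, command belongs to a batch
 *                                          transaction. No response will be
 *                                          sent by the server until it
 *                                          receives a command with this flag
 *                                          unset, at which point a cumulative
 *                                          result for all messages sent with
 *                                          STORAGE_MSG_FLAG_BATCH will be
 *                                          sent. This is only supported by the
 *                                          non-secure disk proxy server.
 * @STORAGE_MSG_FLAG_PRE_COMMIT:            if set, indicates that the server
 *                                          needs to commit pending changes
 *                                          before processing this message.
 * @STORAGE_MSG_FLAG_POST_COMMIT:           if set, indicates that the server
 *                                          needs to commit pending changes
 *                                          after processing this message.
 * @STORAGE_MSG_FLAG_TRANSACT_COMPLETE:     if set, indicates that the server
 *                                          needs to commit the current
 *                                          transaction after processing this
 *                                          message. It is an alias for
 *                                          STORAGE_MSG_FLAG_POST_COMMIT.
 * @STORAGE_MSG_FLAG_PRE_COMMIT_CHECKPOINT: if set, indicates that the server
 *                                          needs to ensure that there is not a
 *                                          pending checkpoint for userdata
 *                                          before processing this message.
 */
enum storage_msg_flag {
    STORAGE_MSG_FLAG_BATCH = 0x1,
    STORAGE_MSG_FLAG_PRE_COMMIT = 0x2,
    STORAGE_MSG_FLAG_POST_COMMIT = 0x4,
    STORAGE_MSG_FLAG_TRANSACT_COMPLETE = STORAGE_MSG_FLAG_POST_COMMIT,
    STORAGE_MSG_FLAG_PRE_COMMIT_CHECKPOINT = 0x8,
};

/*
 * The following declarations are the message-specific contents of
 * the 'payload' element inside struct storage_msg.
 *
 * Several of them end in a zero-length array that marks where
 * variable-length data starts. None of them carries a length for that data.
 * NOTE(review): presumably the length is what remains of storage_msg.size
 * after the fixed fields - confirm, and bound every access to the trailing
 * data by the number of bytes actually received.
 */

/**
 * struct storage_file_delete_req - request format for STORAGE_FILE_DELETE
 * @flags: currently unused, must be set to 0.
 * @name:  the name of the file
 *
 * NOTE(review): nothing here states that @name is NUL-terminated; do not
 * pass it to string functions without confirming that.
 */
struct storage_file_delete_req {
    uint32_t flags;
    char name[0];
};

/**
 * struct storage_file_open_req - request format for STORAGE_FILE_OPEN
 * @flags: any of enum storage_file_open_flag or'ed together; bits outside
 *         STORAGE_FILE_OPEN_MASK must be 0
 * @name:  the name of the file
 *
 * NOTE(review): nothing here states that @name is NUL-terminated; do not
 * pass it to string functions without confirming that.
 */
struct storage_file_open_req {
    uint32_t flags;
    char name[0];
};

/**
 * struct storage_file_open_resp - response format for STORAGE_FILE_OPEN
 * @handle: opaque handle to the opened file. Only present on success.
 */
struct storage_file_open_resp {
    uint32_t handle;
};

/**
 * struct storage_file_close_req - request format for STORAGE_FILE_CLOSE
 * @handle: the handle for the file to close
 */
struct storage_file_close_req {
    uint32_t handle;
};

/**
 * struct storage_file_read_req - request format for STORAGE_FILE_READ
 * @handle: the handle for the file from which to read
 * @size:   the quantity of bytes to read from the file
 * @offset: the offset in the file from whence to read
 *
 * NOTE(review): @size and @offset are chosen by the requester; the handler
 * should check that @offset + @size cannot wrap and that @size fits the
 * response buffer.
 */
struct storage_file_read_req {
    uint32_t handle;
    uint32_t size;
    uint64_t offset;
};

/**
 * struct storage_file_read_resp - response format for STORAGE_FILE_READ
 * @data: beginning of data retrieved from file
 */
struct storage_file_read_resp {
    uint8_t data[0];
};

/**
 * struct storage_file_write_req - request format for STORAGE_FILE_WRITE
 * @handle:     the handle for the file to write to
 * @offset:     the offset in the file from whence to write
 * @__reserved: unused, must be set to 0.
 * @data:       beginning of the data to be written
 */
struct storage_file_write_req {
    uint64_t offset;
    uint32_t handle;
    uint32_t __reserved;
    uint8_t data[0];
};

/**
 * struct storage_file_get_size_req - request format for STORAGE_FILE_GET_SIZE
 * @handle: handle for which the size is requested
 */
struct storage_file_get_size_req {
    uint32_t handle;
};

/**
 * struct storage_file_get_size_resp - response format for STORAGE_FILE_GET_SIZE
 * @size: the size of the file
 */
struct storage_file_get_size_resp {
    uint64_t size;
};

/**
 * struct storage_file_set_size_req - request format for STORAGE_FILE_SET_SIZE
 * @handle: the file handle
 * @size:   the desired size of the file
 *
 * NOTE(review): unlike struct storage_file_write_req there is no explicit
 * reserved word after @handle, so sizeof() may include compiler-inserted
 * tail padding that depends on the ABI. Confirm both ends agree on the
 * size, and zero the whole struct before filling it in so padding bytes do
 * not carry stale memory across the secure/non-secure boundary.
 */
struct storage_file_set_size_req {
    uint64_t size;
    uint32_t handle;
};

/**
 * struct storage_rpmb_send_req - request format for STORAGE_RPMB_SEND
 * @reliable_write_size: size in bytes of reliable write region
 * @write_size:          size in bytes of write region
 * @read_size:           number of bytes to read for a read request
 * @__reserved:          unused, must be set to 0
 * @payload:             start of reliable write region, followed by
 *                       write region.
 *
 * Only used in proxy<->server interface.
 *
 * NOTE(review): the three sizes are independent 32-bit fields; the receiver
 * should check that @reliable_write_size + @write_size does not wrap and
 * fits the bytes actually received before walking @payload.
 */
struct storage_rpmb_send_req {
    uint32_t reliable_write_size;
    uint32_t write_size;
    uint32_t read_size;
    uint32_t __reserved;
    uint8_t payload[0];
};

/**
 * struct storage_rpmb_send_resp - response type for STORAGE_RPMB_SEND
 * @data: the data frames retrieved from the MMC.
 */
struct storage_rpmb_send_resp {
    uint8_t data[0];
};

/**
 * struct storage_msg - generic req/resp format for all storage commands
 * @cmd:        one of enum storage_cmd
 * @op_id:      client chosen operation identifier for an instance
 *              of a command or atomic grouping of commands (transaction).
 * @flags:      one or many of enum storage_msg_flag or'ed together.
 * @size:       total size of the message including this header
 * @result:     one of enum storage_err
 * @__reserved: unused, must be set to 0.
 * @payload:    beginning of command specific message format
 *
 * NOTE(review): @size is supplied by the sender. A receiver should check
 * that it is at least sizeof(struct storage_msg) and no larger than the
 * number of bytes actually received before interpreting @payload.
 */
struct storage_msg {
    uint32_t cmd;
    uint32_t op_id;
    uint32_t flags;
    uint32_t size;
    int32_t result;
    uint32_t __reserved;
    uint8_t payload[0];
};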