/* SPDX-License-Identifier: GPL-2.0-only */
/*
* Copyright (C) 2023, STMicroelectronics - All Rights Reserved
*/
#ifndef STM32_FIREWALL_DEVICE_H
#define STM32_FIREWALL_DEVICE_H
#include <linux/of.h>
#include <linux/platform_device.h>
#include <linux/types.h>
#define STM32_FIREWALL_MAX_EXTRA_ARGS 5
/* Opaque reference to stm32_firewall_controller */
struct stm32_firewall_controller;
/**
* struct stm32_firewall - Information on a device's firewall. Each device can have more than one
* firewall.
*
* @firewall_ctrl: Pointer referencing a firewall controller of the device. It is
* opaque so a device cannot manipulate the controller's ops or access
* the controller's data
* @extra_args: Extra arguments that are implementation dependent
* @entry: Name of the firewall entry
* @extra_args_size: Number of extra arguments
* @firewall_id: Firewall ID associated the device for this firewall controller
*/
struct stm32_firewall {
struct stm32_firewall_controller *firewall_ctrl;
u32 extra_args[STM32_FIREWALL_MAX_EXTRA_ARGS];
const char *entry;
size_t extra_args_size;
u32 firewall_id;
};
#if IS_ENABLED(CONFIG_STM32_FIREWALL)
/**
* stm32_firewall_get_firewall - Get the firewall(s) associated to given device.
* The firewall controller reference is always the first argument
* of each of the access-controller property entries.
* The firewall ID is always the second argument of each of the
* access-controller property entries.
* If there's no argument linked to the phandle, then the firewall ID
* field is set to U32_MAX, which is an invalid ID.
*
* @np: Device node to parse
* @firewall: Array of firewall references
* @nb_firewall: Number of firewall references to get. Must be at least 1.
*
* Returns 0 on success, -ENODEV if there's no match with a firewall controller or appropriate errno
* code if error occurred.
*/
int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *firewall,
unsigned int nb_firewall);
/**
* stm32_firewall_grant_access - Request firewall access rights and grant access.
*
* @firewall: Firewall reference containing the ID to check against its firewall
* controller
*
* Returns 0 if access is granted, -EACCES if access is denied, -ENODEV if firewall is null or
* appropriate errno code if error occurred
*/
int stm32_firewall_grant_access(struct stm32_firewall *firewall);
/**
* stm32_firewall_release_access - Release access granted from a call to
* stm32_firewall_grant_access().
*
* @firewall: Firewall reference containing the ID to check against its firewall
* controller
*/
void stm32_firewall_release_access(struct stm32_firewall *firewall);
/**
* stm32_firewall_grant_access_by_id - Request firewall access rights of a given device
* based on a specific firewall ID
*
* Warnings:
* There is no way to ensure that the given ID will correspond to the firewall referenced in the
* device node if the ID did not come from stm32_firewall_get_firewall(). In that case, this
* function must be used with caution.
* This function should be used for subsystem resources that do not have the same firewall ID
* as their parent.
* U32_MAX is an invalid ID.
*
* @firewall: Firewall reference containing the firewall controller
* @subsystem_id: Firewall ID of the subsystem resource
*
* Returns 0 if access is granted, -EACCES if access is denied, -ENODEV if firewall is null or
* appropriate errno code if error occurred
*/
int stm32_firewall_grant_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id);
/**
* stm32_firewall_release_access_by_id - Release access granted from a call to
* stm32_firewall_grant_access_by_id().
*
* Warnings:
* There is no way to ensure that the given ID will correspond to the firewall referenced in the
* device node if the ID did not come from stm32_firewall_get_firewall(). In that case, this
* function must be used with caution.
* This function should be used for subsystem resources that do not have the same firewall ID
* as their parent.
* U32_MAX is an invalid ID.
*
* @firewall: Firewall reference containing the firewall controller
* @subsystem_id: Firewall ID of the subsystem resource
*/
void stm32_firewall_release_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id);
#else /* CONFIG_STM32_FIREWALL */
int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *firewall,
unsigned int nb_firewall);
{
return -ENODEV;
}
int stm32_firewall_grant_access(struct stm32_firewall *firewall)
{
return -ENODEV;
}
void stm32_firewall_release_access(struct stm32_firewall *firewall)
{
}
int stm32_firewall_grant_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id)
{
return -ENODEV;
}
void stm32_firewall_release_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id)
{
}
#endif /* CONFIG_STM32_FIREWALL */
#endif /* STM32_FIREWALL_DEVICE_H */