1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * include/linux/sched/auth_ctrl.h 4 * 5 * Copyright (c) 2022 Huawei Device Co., Ltd. 6 */ 7 8 #ifndef _AUTH_CTRL_H 9 #define _AUTH_CTRL_H 10 11 #include <linux/fs.h> 12 13 #define ROOT_UID 0 14 #define SYSTEM_UID 1000 15 16 #define SUPER_UID SYSTEM_UID 17 #define super_uid(uid) (uid == ROOT_UID || uid == SYSTEM_UID) 18 19 enum ioctl_abi_format_auth{ 20 AUTH_IOCTL_ABI_ARM32, 21 AUTH_IOCTL_ABI_AARCH64, 22 }; 23 24 enum auth_ctrl_cmdid { 25 BASIC_AUTH_CTRL = 1, 26 AUTH_CTRL_MAX_NR 27 }; 28 29 #define AUTH_CTRL_IPC_MAGIG 0xCD 30 31 #define BASIC_AUTH_CTRL_OPERATION \ 32 _IOWR(AUTH_CTRL_IPC_MAGIG, BASIC_AUTH_CTRL, struct auth_ctrl_data) 33 34 enum auth_flag_type { 35 #ifdef CONFIG_RTG_AUTHORITY 36 RTG_AUTH_FLAG, 37 #endif 38 #ifdef CONFIG_QOS_AUTHORITY 39 QOS_AUTH_FLAG, 40 #endif 41 }; 42 43 #define INVALIED_AUTH_FLAG 0x00000000 44 45 struct auth_ctrl_data { 46 unsigned int uid; 47 48 /* 49 * type: operation type, see auth_manipulate_type, valid range [1, AUTH_MAX_NR) 50 * 51 * rtg_ua_flag: authority flag for RTG, see AF_RTG_ALL 52 * 53 * qos_ua_flag: authority flag for QOS, see AF_QOS_ALL 54 * 55 * status: current status for uid, use to match qos policy, see auth_status and 56 * qos_policy_type, valid range [1, AUTH_STATUS_MAX_NR - 1) 57 * 58 */ 59 unsigned int type; 60 unsigned int rtg_ua_flag; 61 unsigned int qos_ua_flag; 62 unsigned int status; 63 }; 64 65 enum auth_err_no { 66 ARG_INVALID = 1, 67 THREAD_EXITING, 68 DIRTY_QOS_POLICY, 69 UID_NOT_AUTHORIZED, 70 UID_NOT_FOUND, 71 PID_DUPLICATE, 72 PID_NOT_EXIST, 73 INVALID_AUTH, 74 QOS_THREAD_NUM_EXCEED_LIMIT, 75 }; 76 77 enum auth_manipulate_type { 78 AUTH_ENABLE = 1, 79 AUTH_DELETE, 80 AUTH_GET, 81 AUTH_SWITCH, 82 AUTH_MAX_NR, 83 }; 84 85 #ifndef CONFIG_QOS_POLICY_MAX_NR 86 #define QOS_STATUS_COUNT 5 87 #else 88 #define QOS_STATUS_COUNT CONFIG_QOS_POLICY_MAX_NR 89 #endif 90 91 /* keep match with qos_policy_type */ 92 enum auth_status { 93 /* reserved fo QOS_POLICY_DEFAULT, no qos supply in this status */ 94 AUTH_STATUS_DISABLED = 1, 95 96 /* reserved for ROOT and SYSTEM */ 97 AUTH_STATUS_SYSTEM_SERVER = 2, 98 99 /* 100 * these space for user specific status 101 * range (AUTH_STATUS_SYSTEM_SERVER, AUTH_STATUS_DEAD) 102 * 103 * initial the policy in matching index of qos_policy_array first before use 104 * see ctrl_qos_policy 105 */ 106 107 /* reserved for destorying auth_struct*/ 108 AUTH_STATUS_DEAD = QOS_STATUS_COUNT, 109 110 AUTH_STATUS_MAX_NR = QOS_STATUS_COUNT + 1, 111 }; 112 113 struct auth_struct; 114 long auth_ctrl_ioctl(int abi, struct file *file, unsigned int cmd, unsigned long arg); 115 void get_auth_struct(struct auth_struct *auth); 116 void put_auth_struct(struct auth_struct *auth); 117 struct auth_struct *get_authority(struct task_struct *p); 118 bool check_authorized(unsigned int func_id, unsigned int type); 119 120 #endif /* _AUTH_CTRL_H */ 121 122