1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * include/linux/sched/auth_ctrl.h 4 * 5 * Copyright (c) 2022 Huawei Device Co., Ltd. 6 */ 7 8 #ifndef _AUTH_CTRL_H 9 #define _AUTH_CTRL_H 10 11 #include <linux/fs.h> 12 13 #define ROOT_UID 0 14 #define SYSTEM_UID 1000 15 16 #define SUPER_UID SYSTEM_UID 17 #define RESOURCE_SCHEDULE_SERVICE_UID 1096 18 #define super_uid(uid) (uid == ROOT_UID || uid == SYSTEM_UID || uid == RESOURCE_SCHEDULE_SERVICE_UID) 19 20 enum ioctl_abi_format_auth{ 21 AUTH_IOCTL_ABI_ARM32, 22 AUTH_IOCTL_ABI_AARCH64, 23 }; 24 25 enum auth_ctrl_cmdid { 26 BASIC_AUTH_CTRL = 1, 27 AUTH_CTRL_MAX_NR 28 }; 29 30 #define AUTH_CTRL_IPC_MAGIG 0xCD 31 32 #define BASIC_AUTH_CTRL_OPERATION \ 33 _IOWR(AUTH_CTRL_IPC_MAGIG, BASIC_AUTH_CTRL, struct auth_ctrl_data) 34 35 enum auth_flag_type { 36 #ifdef CONFIG_RTG_AUTHORITY 37 RTG_AUTH_FLAG, 38 #endif 39 #ifdef CONFIG_QOS_AUTHORITY 40 QOS_AUTH_FLAG, 41 #endif 42 }; 43 44 #define INVALIED_AUTH_FLAG 0x00000000 45 46 struct auth_ctrl_data { 47 unsigned int pid; 48 49 /* 50 * type: operation type, see auth_manipulate_type, valid range [1, AUTH_MAX_NR) 51 * 52 * rtg_ua_flag: authority flag for RTG, see AF_RTG_ALL 53 * 54 * qos_ua_flag: authority flag for QOS, see AF_QOS_ALL 55 * 56 * status: current status for uid, use to match qos policy, see auth_status and 57 * qos_policy_type, valid range [1, AUTH_STATUS_MAX_NR - 1) 58 * 59 */ 60 unsigned int type; 61 unsigned int rtg_ua_flag; 62 unsigned int qos_ua_flag; 63 unsigned int status; 64 }; 65 66 enum auth_err_no { 67 ARG_INVALID = 1, 68 THREAD_EXITING, 69 DIRTY_QOS_POLICY, 70 PID_NOT_AUTHORIZED, 71 PID_NOT_FOUND, 72 PID_DUPLICATE, 73 PID_NOT_EXIST, 74 INVALID_AUTH, 75 QOS_THREAD_NUM_EXCEED_LIMIT, 76 }; 77 78 enum auth_manipulate_type { 79 AUTH_ENABLE = 1, 80 AUTH_DELETE, 81 AUTH_GET, 82 AUTH_SWITCH, 83 AUTH_MAX_NR, 84 }; 85 86 #ifndef CONFIG_QOS_POLICY_MAX_NR 87 #define QOS_STATUS_COUNT 5 88 #else 89 #define QOS_STATUS_COUNT CONFIG_QOS_POLICY_MAX_NR 90 #endif 91 92 /* keep match with qos_policy_type */ 93 enum auth_status { 94 /* reserved fo QOS_POLICY_DEFAULT, no qos supply in this status */ 95 AUTH_STATUS_DISABLED = 1, 96 97 /* reserved for ROOT and SYSTEM */ 98 AUTH_STATUS_SYSTEM_SERVER = 2, 99 100 /* 101 * these space for user specific status 102 * range (AUTH_STATUS_SYSTEM_SERVER, AUTH_STATUS_DEAD) 103 * 104 * initial the policy in matching index of qos_policy_array first before use 105 * see ctrl_qos_policy 106 */ 107 108 /* reserved for destorying auth_struct*/ 109 AUTH_STATUS_DEAD = QOS_STATUS_COUNT, 110 111 AUTH_STATUS_MAX_NR = QOS_STATUS_COUNT + 1, 112 }; 113 114 struct auth_struct; 115 long auth_ctrl_ioctl(int abi, struct file *file, unsigned int cmd, unsigned long arg); 116 void get_auth_struct(struct auth_struct *auth); 117 void put_auth_struct(struct auth_struct *auth); 118 struct auth_struct *get_authority(struct task_struct *p); 119 bool check_authorized(unsigned int func_id, unsigned int type); 120 121 #endif /* _AUTH_CTRL_H */ 122 123