/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

#include <stdint.h>

#include <lib/hwkey/hwkey.h>
#include <trusty_ipc.h>

#include "block_device.h"
#include "crypt.h"
#include "fs.h"
#include "rpmb.h"
#include "tipc_ns.h"

/**
 * DOC: File System Identifiers
 *
 * These file system names can be used in log messages to distinguish between
 * operations on different file systems. They are also mapped to identifiers to
 * report metrics events.
 *
 * @file_system_id_td: Tamper detect storage. Rollback or tampering by
 *                     non-secure code will be detected.
 * @file_system_id_tdea: Tamper detect early-access storage. Rollback or
 *                       tampering by non-secure code will be detected.
 *                       Available before the non-secure OS has booted if
 *                       supported by the boot loader.
 * @file_system_id_tdp: Tamper detect persistent storage. Rollback or tampering
 *                      by non-secure code will be detected. Data will persist
 *                      across device wipes.
 * @file_system_id_tp: Tamper proof storage. Non-secure code can prevent read
 *                     and write operations from succeeding, but it cannot
 *                     modify on-disk data.
 * @file_system_id_nsp: Non-secure persistent storage. Deprecated.
 */
extern const char file_system_id_td[];
extern const char file_system_id_tdea[];
extern const char file_system_id_tdp[];
extern const char file_system_id_tp[];
extern const char file_system_id_nsp[];

enum storage_filesystem_type {
    STORAGE_TP,
    STORAGE_TDEA,
    STORAGE_TD,
    STORAGE_TDP,
    STORAGE_NSP,
    STORAGE_FILESYSTEMS_COUNT,
};

/**
 * struct block_device_rpmb
 * @dev:         Block device state
 * @rpmb_state:  State of the backing rpmb
 * @base:        First block to use in rpmb partition
 * @is_userdata: Is this RPMB device tied to the state of the userdata
 * partition?
 */
struct block_device_rpmb {
    struct block_device dev;
    struct rpmb_state* rpmb_state;
    uint16_t base;
    bool is_userdata;
};

/**
 * struct block_device_ns
 * @dev:        Block device state
 * @ipc_handle: IPC handle to use to talk to ns
 * @ns_handle:  Handle of the backing ns file
 * @is_userdata: Is the backing file for this device in the (non-persistent)
 *               userdata partition?
 */
struct block_device_ns {
    struct block_device dev;
    handle_t ipc_handle;
    ns_handle_t ns_handle;
    bool is_userdata;
};

/**
 * struct block_device_tipc
 * @ipc_handle:            IPC handle to use to talk to storageproxy.
 * @rpmb_state:            State of the backing rpmb. Holds a pointer to
 *                         @ipc_handle.
 * @dev_rpmb:              The rpmb block device backing @tr_state_rpmb.
 * @tr_state_rpmb:         Filesystem for rpmb (TP, TDEA).
 * @dev_ns:                The rpmb block device containing the superblock for
 *                         @tr_state_ns.
 * @dev_ns_rpmb:           The rpmb block device backing @tr_state_ns.
 * @tr_state_ns:           Filesystem for TD.
 * @dev_ns_tdp:            The ns block device backing @tr_state_ns_tdp. Only
 *                         present when $HAS_FS_TDP defined.
 * @dev_ns_tdp_rpmb:       The rpmb block device containing the superblock for
 *                         @tr_state_ns_tdp. Only present when $HAS_FS_TDP
 *                         defined.
 * @tr_state_ns_tdp:       Filesystem for TDP. Only present when $HAS_FS_TDP
 *                         defined.
 * @dev_ns_nsp:            The ns block device backing @tr_state_ns_nsp. Only
 *                         present when $HAS_FS_NSP defined.
 * @dev_ns_nsp_superblock: The ns block device containing the superblock for
 *                         @tr_state_ns_nsp. Only present when $HAS_FS_NSP
 *                         defined.
 * @tr_state_ns_nsp:       Filesystem for NSP. Only present when $HAS_FS_NSP
 *                         defined.
 */
struct block_device_tipc {
    handle_t ipc_handle;
    struct rpmb_state* rpmb_state;

    struct block_device_rpmb dev_rpmb;
    struct fs tr_state_rpmb;

    struct block_device_ns dev_ns;
    struct block_device_rpmb dev_ns_rpmb;
    struct fs tr_state_ns;

#if HAS_FS_TDP
    struct block_device_ns dev_ns_tdp;
    struct block_device_rpmb dev_ns_tdp_rpmb;
    struct fs tr_state_ns_tdp;
#endif

#if HAS_FS_NSP
    struct block_device_ns dev_ns_nsp;
    struct block_device_ns dev_ns_nsp_superblock;
    struct fs tr_state_ns_nsp;
#endif
};

__BEGIN_CDECLS

/**
 * block_device_tipc_init() - Initialize a block device context
 * @self: Out param. Will contain the created &struct block_device_tipc,
 * which must later be cleaned up by passing to block_device_tipc_destroy()
 * @ipc_handle: IPC handle to use to talk to ns.
 * @fs_key: Key used to decrypt filesystems.
 * @rpmb_key: Key used to access rpmb. If null, a derived key will be used
 * instead.
 * @hwkey_session: HWCrpyto session handle to use for rpmb access.
 */
int block_device_tipc_init(struct block_device_tipc* self,
                           handle_t ipc_handle,
                           const struct key* fs_key,
                           const struct rpmb_key* rpmb_key,
                           hwkey_session_t hwkey_session);

/**
 * block_device_tipc_destroy() - Destroy a block device context
 * @self: The &struct block_device_tipc to destroy. Does not free the
 * context's memory. Any &struct fs &self returned from calls to
 * block_device_tipc_get_fs() must no longer be in use. @self must have
 * already been disconnected with &block_device_tipc_disconnect().
 */
void block_device_tipc_destroy(struct block_device_tipc* self);

/**
 * block_device_tipc_fs_connected() - Check whether a given filesystem is
 * connected
 *
 * @self: The &struct block_device_tipc from which to check for a filesystem.
 * @fs_type: The type of filesystem to check.
 */
bool block_device_tipc_fs_connected(struct block_device_tipc* self,
                                    enum storage_filesystem_type fs_type);

/**
 * block_device_tipc_get_fs() - Get a reference to one of the managed
 * filesystems
 *
 * @self: The &struct block_device_tipc to get a filesystem from.
 * @fs_type: The type of filesystem to get.
 */
struct fs* block_device_tipc_get_fs(struct block_device_tipc* self,
                                    enum storage_filesystem_type fs_type);

/**
 * block_device_tipc_disconnect() - Disconnect from the block devices
 *
 * Severs ipc connections to the block devices/filesystems backing the &struct
 * fs objects returned by &block_device_tipc_get_fs(). These fs objects state
 * will be maintained, but they must not be used until
 * &block_device_tipc_reconnect() is called.
 *
 * @self: The &struct block_device_tipc to disconnect.
 */
void block_device_tipc_disconnect(struct block_device_tipc* self);

/**
 * block_device_tipc_reconnect() - Reconnect to the block devices
 *
 * Reestablishes ipc connections to the block devices/filesystems backing the
 * &struct fs objects returned by &block_device_tipc_get_fs().
 *
 * @self: The &struct block_device_tipc to reconnect.
 * @ipc_handle: IPC handle to use to talk to backing block devices/filesystems.
 * @fs_key: Key used to decrypt filesystems.
 */
int block_device_tipc_reconnect(struct block_device_tipc* self,
                                handle_t ipc_handle,
                                const struct key* fs_key);

__END_CDECLS