1 /* 2 * Arm SCP/MCP Software 3 * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved. 4 * 5 * SPDX-License-Identifier: BSD-3-Clause 6 * 7 * Description: 8 * System Control and Management Interface (SCMI) 9 * Resource Management Support. 10 */ 11 12 #ifndef MOD_SCMI_RESOURCE_PERMISSIONS_H 13 #define MOD_SCMI_RESOURCE_PERMISSIONS_H 14 15 #include <mod_scmi_std.h> 16 17 #include <fwk_assert.h> 18 #include <fwk_id.h> 19 #include <fwk_status.h> 20 21 #include <stdint.h> 22 23 /* 24 * We will use type uint16_t to track the resources. 25 */ 26 typedef uint16_t mod_res_perms_t; 27 28 #define MOD_RES_PERMS_TYPE_BITS (sizeof(mod_res_perms_t) * CHAR_BIT) 29 #define MOD_RES_PERMS_TYPE_SHIFT (4U) 30 #define MOD_RES_PERMS_TYPE_MASK ((1U << MOD_RES_PERMS_TYPE_SHIFT) - 1U) 31 32 /*! Find the array element for the resource */ 33 #define MOD_RES_PERMS_RESOURCE_ELEMENT(resource_id) \ 34 (uint32_t)(resource_id >> MOD_RES_PERMS_TYPE_SHIFT) 35 36 /*! Find the bit in the array element for the resource */ 37 #define MOD_RES_PERMS_RESOURCE_BIT(resource_id) \ 38 (uint32_t)(resource_id & MOD_RES_PERMS_TYPE_MASK) 39 40 /*! 41 * \brief Bits to set to deny Protocol permissions. Note that the default 42 * throughout is to allow access to a Protocol:Message:Resource. 43 */ 44 enum mod_res_perms_permissions { 45 MOD_RES_PERMS_ACCESS_ALLOWED = 0, 46 MOD_RES_PERMS_ACCESS_DENIED = 1, 47 }; 48 49 #define MOD_RES_PERMS_PERMISSIONS_MASK 0x1 50 51 #define MOD_RES_PERMS_PROTOCOL_OFFSET MOD_SCMI_PROTOCOL_ID_BASE 52 53 enum mod_res_perms_protocol_deny { 54 MOD_RES_PERMS_SCMI_ALL_PROTOCOLS_ALLOWED = 0, 55 MOD_RES_PERMS_SCMI_BASE_PROTOCOL_DENIED = MOD_RES_PERMS_ACCESS_DENIED 56 << (MOD_SCMI_PROTOCOL_ID_BASE - MOD_RES_PERMS_PROTOCOL_OFFSET), 57 MOD_RES_PERMS_SCMI_CLOCK_PROTOCOL_DENIED = MOD_RES_PERMS_ACCESS_DENIED 58 << (MOD_SCMI_PROTOCOL_ID_CLOCK - MOD_RES_PERMS_PROTOCOL_OFFSET), 59 MOD_RES_PERMS_SCMI_SYS_POWER_PROTOCOL_DENIED = MOD_RES_PERMS_ACCESS_DENIED 60 << (MOD_SCMI_PROTOCOL_ID_SYS_POWER - MOD_RES_PERMS_PROTOCOL_OFFSET), 61 MOD_RES_PERMS_SCMI_POWER_DOMAIN_DENIED = MOD_RES_PERMS_ACCESS_DENIED 62 << (MOD_SCMI_PROTOCOL_ID_POWER_DOMAIN - MOD_RES_PERMS_PROTOCOL_OFFSET), 63 MOD_RES_PERMS_SCMI_PERF_PROTOCOL_DENIED = MOD_RES_PERMS_ACCESS_DENIED 64 << (MOD_SCMI_PROTOCOL_ID_PERF - MOD_RES_PERMS_PROTOCOL_OFFSET), 65 MOD_RES_PERMS_SCMI_SENSOR_PROTOCOL_DENIED = MOD_RES_PERMS_ACCESS_DENIED 66 << (MOD_SCMI_PROTOCOL_ID_SENSOR - MOD_RES_PERMS_PROTOCOL_OFFSET), 67 MOD_RES_PERMS_SCMI_RESET_DOMAIN_PROTOCOL_DENIED = 68 MOD_RES_PERMS_ACCESS_DENIED 69 << (MOD_SCMI_PROTOCOL_ID_RESET_DOMAIN - MOD_RES_PERMS_PROTOCOL_OFFSET), 70 MOD_RES_PERMS_SCMI_VOLTAGE_DOMAIN_PROTOCOL_DENIED = 71 MOD_RES_PERMS_ACCESS_DENIED 72 << (MOD_SCMI_PROTOCOL_ID_VOLTAGE_DOMAIN - 73 MOD_RES_PERMS_PROTOCOL_OFFSET), 74 }; 75 76 /*! 77 * \brief Bitmask of the protocols disabled for the agent. 78 */ 79 struct mod_res_agent_protocol_permissions { 80 /*! 81 * \details This bitmask specifies which protocols are DISABLED for this 82 * agent. If a bit is set that agent does NOT have permission to 83 * use the protocol. 84 */ 85 mod_res_perms_t protocols; 86 }; 87 88 /*! 89 * \brief Bits to set to deny Message permissions. Note that the default 90 * throughout is to allow access to a Message:Resource. 91 */ 92 #define MOD_RES_PERMS_MESSAGE_OFFSET MOD_SCMI_PROTOCOL_ID_BASE 93 94 enum mod_res_perms_message_idx { 95 MOD_RES_PERMS_SCMI_BASE_MESSAGE_IDX = 96 MOD_SCMI_PROTOCOL_ID_BASE - MOD_RES_PERMS_MESSAGE_OFFSET, 97 MOD_RES_PERMS_SCMI_CLOCK_MESSAGE_IDX = 98 MOD_SCMI_PROTOCOL_ID_CLOCK - MOD_RES_PERMS_MESSAGE_OFFSET, 99 MOD_RES_PERMS_SCMI_SYS_POWER_MESSAGE_IDX = 100 MOD_SCMI_PROTOCOL_ID_SYS_POWER - MOD_RES_PERMS_MESSAGE_OFFSET, 101 MOD_RES_PERMS_SCMI_POWER_DOMAIN_MESSAGE_IDX = 102 MOD_SCMI_PROTOCOL_ID_POWER_DOMAIN - MOD_RES_PERMS_MESSAGE_OFFSET, 103 MOD_RES_PERMS_SCMI_PERF_MESSAGE_IDX = 104 MOD_SCMI_PROTOCOL_ID_PERF - MOD_RES_PERMS_MESSAGE_OFFSET, 105 MOD_RES_PERMS_SCMI_SENSOR_MESSAGE_IDX = 106 MOD_SCMI_PROTOCOL_ID_SENSOR - MOD_RES_PERMS_MESSAGE_OFFSET, 107 MOD_RES_PERMS_SCMI_RESET_DOMAIN_MESSAGE_IDX = 108 MOD_SCMI_PROTOCOL_ID_RESET_DOMAIN - MOD_RES_PERMS_MESSAGE_OFFSET, 109 MOD_RES_PERMS_SCMI_VOLTAGE_DOMAIN_MESSAGE_IDX = 110 MOD_SCMI_PROTOCOL_ID_VOLTAGE_DOMAIN - MOD_RES_PERMS_MESSAGE_OFFSET, 111 }; 112 113 /*! 114 * \brief Bits to set when denying message permissions. The 115 * VERSION/ATTRIBUTES/MSG_ATTRIBUTES messages are available to all 116 * agents. The message bits for each protocol are defined as 117 * offsets from the corresponding base index. 118 */ 119 enum mod_res_perms_message_bitmask_base { 120 MOD_RES_PERMS_SCMI_BASE_BITMASK_IDX = MOD_SCMI_BASE_NOTIFY_ERRORS, 121 MOD_RES_PERMS_SCMI_CLOCK_BITMASK_IDX = MOD_SCMI_CLOCK_ATTRIBUTES, 122 MOD_RES_PERMS_SCMI_SYS_POWER_BITMASK_IDX = MOD_SCMI_SYS_POWER_STATE_SET, 123 MOD_RES_PERMS_SCMI_POWER_DOMAIN_BITMASK_IDX = 124 MOD_SCMI_PD_POWER_DOMAIN_ATTRIBUTES, 125 MOD_RES_PERMS_SCMI_PERF_BITMASK_IDX = MOD_SCMI_PERF_DOMAIN_ATTRIBUTES, 126 MOD_RES_PERMS_SCMI_SENSOR_BITMASK_IDX = MOD_SCMI_SENSOR_DESCRIPTION_GET, 127 MOD_RES_PERMS_SCMI_RESET_DOMAIN_BITMASK_IDX = 128 MOD_SCMI_RESET_DOMAIN_ATTRIBUTES, 129 MOD_RES_PERMS_SCMI_VOLTAGE_DOMAIN_BITMASK_IDX = 130 MOD_SCMI_VOLTD_DOMAIN_ATTRIBUTES, 131 }; 132 133 /*! 134 * \brief Bitmask of the messages for each protocol disabled for 135 * the agent. Currently we have 8 SCMI protocols. 136 */ 137 struct mod_res_agent_msg_permissions { 138 /*! \details Bitmask of the disabled messages for each protocol. */ 139 mod_res_perms_t messages[8]; 140 }; 141 142 /*! 143 * \brief Bitmask of the resources for each protocol:command disabled for 144 * the agent. 145 * 146 * \details Each protocol will manage a unique number of commands, so 147 * we specify different size tables. 148 * 149 * If the permissions table is not set then the agent is deemed 150 * to be allowed access that protocol:command:resource. They will 151 * be checked in order protocol->command->resource. 152 * 153 * In order for a protocol to be disabled for an agent, the 154 * bit must be SET in the agent_protocol_permissions table. 155 * 156 * In order for a command to be disabled for an agent, the 157 * bit must be SET in the agent_cmd_permissions table. 158 * 159 * In order for a resource to be disabled for an agent, the 160 * bit must be SET in the agent_permission table. 161 * 162 * \note The VERSION/ATTRIBUTES/MSG_ATTRIBUTES commands 163 * are available to all agents. 164 * 165 * \note The BASE and SYSTEM_POWER protocols are managed by 166 * agent:protocol:command, there are no resource 167 * permissions associated with these protocols. 168 * 169 */ 170 171 /*! 172 * \brief SCMI Clock Protocol Message index offset 173 */ 174 #define MOD_RES_PERMS_CLOCK_PERMS_OFFSET MOD_SCMI_CLOCK_ATTRIBUTES 175 176 /*! 177 * \brief SCMI Clock Protocol Message Indices 178 */ 179 enum mod_res_clock_permissions_idx { 180 MOD_RES_PERMS_SCMI_CLOCK_ATTRIBUTES_IDX = 181 MOD_SCMI_CLOCK_ATTRIBUTES - MOD_RES_PERMS_CLOCK_PERMS_OFFSET, 182 MOD_RES_PERMS_SCMI_CLOCK_DESCRIBE_RATE_IDX = 183 MOD_SCMI_CLOCK_DESCRIBE_RATES - MOD_RES_PERMS_CLOCK_PERMS_OFFSET, 184 MOD_RES_PERMS_SCMI_CLOCK_RATE_SET_IDX = 185 MOD_SCMI_CLOCK_RATE_SET - MOD_RES_PERMS_CLOCK_PERMS_OFFSET, 186 MOD_RES_PERMS_SCMI_CLOCK_RATE_GET_IDX = 187 MOD_SCMI_CLOCK_RATE_GET - MOD_RES_PERMS_CLOCK_PERMS_OFFSET, 188 MOD_RES_PERMS_SCMI_CLOCK_CONFIG_SET_IDX = 189 MOD_SCMI_CLOCK_CONFIG_SET - MOD_RES_PERMS_CLOCK_PERMS_OFFSET, 190 }; 191 192 /*! 193 * \brief SCMI Power Domain Protocol Message index offset 194 */ 195 #define MOD_RES_PERMS_POWER_DOMAIN_PERMS_OFFSET \ 196 MOD_SCMI_PD_POWER_DOMAIN_ATTRIBUTES 197 198 /*! 199 * \brief SCMI Power Domain Protocol Message Indices 200 */ 201 enum mod_res_power_domain_permissions_idx { 202 MOD_RES_PERMS_SCMI_POWER_DOMAIN_ATTRIBUTES_IDX = 203 MOD_SCMI_PD_POWER_DOMAIN_ATTRIBUTES - 204 MOD_RES_PERMS_POWER_DOMAIN_PERMS_OFFSET, 205 MOD_RES_PERMS_SCMI_POWER_DOMAIN_STATE_SET_IDX = 206 MOD_SCMI_PD_POWER_STATE_SET - MOD_RES_PERMS_POWER_DOMAIN_PERMS_OFFSET, 207 MOD_RES_PERMS_SCMI_POWER_DOMAIN_STATE_GET_IDX = 208 MOD_SCMI_PD_POWER_STATE_GET - MOD_RES_PERMS_POWER_DOMAIN_PERMS_OFFSET, 209 MOD_RES_PERMS_SCMI_POWER_DOMAIN_STATE_NOTIFY_IDX = 210 MOD_SCMI_PD_POWER_STATE_NOTIFY - 211 MOD_RES_PERMS_POWER_DOMAIN_PERMS_OFFSET, 212 }; 213 214 /*! 215 * \brief SCMI Performance Protocol Message index offset 216 */ 217 #define MOD_RES_PERMS_PERF_PERMS_OFFSET MOD_SCMI_PERF_DOMAIN_ATTRIBUTES 218 219 /*! 220 * \brief SCMI Performance Protocol Message Indices 221 */ 222 enum mod_res_perf_permissions_idx { 223 MOD_RES_PERMS_SCMI_PERF_ATTRIBUTES_IDX = 224 MOD_SCMI_PERF_DOMAIN_ATTRIBUTES - MOD_RES_PERMS_PERF_PERMS_OFFSET, 225 MOD_RES_PERMS_SCMI_PERF_DESCRIBE_LEVELS_IDX = 226 MOD_SCMI_PERF_DESCRIBE_LEVELS - MOD_RES_PERMS_PERF_PERMS_OFFSET, 227 MOD_RES_PERMS_SCMI_PERF_LIMITS_SET_IDX = 228 MOD_SCMI_PERF_LIMITS_SET - MOD_RES_PERMS_PERF_PERMS_OFFSET, 229 MOD_RES_PERMS_SCMI_PERF_LIMITS_GET_IDX = 230 MOD_SCMI_PERF_LIMITS_GET - MOD_RES_PERMS_PERF_PERMS_OFFSET, 231 MOD_RES_PERMS_SCMI_PERF_LEVEL_SET_IDX = 232 MOD_SCMI_PERF_LEVEL_SET - MOD_RES_PERMS_PERF_PERMS_OFFSET, 233 MOD_RES_PERMS_SCMI_PERF_LEVEL_GET_IDX = 234 MOD_SCMI_PERF_LEVEL_GET - MOD_RES_PERMS_PERF_PERMS_OFFSET, 235 MOD_RES_PERMS_SCMI_PERF_NOTIFY_LIMITS_IDX = 236 MOD_SCMI_PERF_NOTIFY_LIMITS - MOD_RES_PERMS_PERF_PERMS_OFFSET, 237 MOD_RES_PERMS_SCMI_PERF_NOTIFY_LEVEL_IDX = 238 MOD_SCMI_PERF_NOTIFY_LEVEL - MOD_RES_PERMS_PERF_PERMS_OFFSET, 239 MOD_RES_PERMS_SCMI_PERF_DESCRIBE_FAST_CHANNEL_IDX = 240 MOD_SCMI_PERF_DESCRIBE_FAST_CHANNEL - MOD_RES_PERMS_PERF_PERMS_OFFSET, 241 }; 242 243 /*! 244 * \brief SCMI Sensor Protocol Message index offset 245 */ 246 #define MOD_RES_PERMS_SENSOR_PERMS_OFFSET MOD_SCMI_SENSOR_DESCRIPTION_GET 247 248 /*! 249 * \brief SCMI Sensor Protocol Message Indices 250 */ 251 enum mod_res_sensor_permissions_idx { 252 MOD_RES_PERMS_SCMI_SENSOR_DESCRIPTION_GET_IDX = 253 MOD_SCMI_PERF_DOMAIN_ATTRIBUTES - MOD_RES_PERMS_SENSOR_PERMS_OFFSET, 254 MOD_RES_PERMS_SCMI_SENSOR_TRIP_POINT_NOTIFY_IDX = 255 MOD_SCMI_SENSOR_TRIP_POINT_NOTIFY - MOD_RES_PERMS_SENSOR_PERMS_OFFSET, 256 MOD_RES_PERMS_SCMI_SENSOR_TRIP_POINT_CONFIG_IDX = 257 MOD_SCMI_SENSOR_TRIP_POINT_CONFIG - MOD_RES_PERMS_SENSOR_PERMS_OFFSET, 258 MOD_RES_PERMS_SCMI_SENSOR_READING_GET_IDX = 259 MOD_SCMI_SENSOR_READING_GET - MOD_RES_PERMS_SENSOR_PERMS_OFFSET, 260 }; 261 262 /*! 263 * \brief SCMI Reset Domain Management Protocol Message index offset 264 */ 265 #define MOD_RES_PERMS_RESET_DOMAIN_PERMS_OFFSET MOD_SCMI_RESET_DOMAIN_ATTRIBUTES 266 267 /*! 268 * \brief SCMI Reset Domain Management Protocol Message Indices 269 */ 270 enum mod_res_reset_domain_permissions_idx { 271 MOD_RES_PERMS_SCMI_RESET_DOMAIN_ATTRIBUTES_IDX = 272 MOD_SCMI_RESET_DOMAIN_ATTRIBUTES - 273 MOD_RES_PERMS_RESET_DOMAIN_PERMS_OFFSET, 274 MOD_RES_PERMS_SCMI_RESET_DOMAIN_RESET_REQUEST_IDX = 275 MOD_SCMI_RESET_REQUEST - MOD_RES_PERMS_RESET_DOMAIN_PERMS_OFFSET, 276 MOD_RES_PERMS_SCMI_RESET_DOMAIN_RESET_NOTIFY_IDX = 277 MOD_SCMI_RESET_NOTIFY - MOD_RES_PERMS_RESET_DOMAIN_PERMS_OFFSET, 278 }; 279 280 /*! 281 * \brief SCMI Voltage Domain Management Protocol Message index offset 282 */ 283 #define MOD_RES_PERMS_VOLTD_PERMS_OFFSET MOD_SCMI_VOLTD_DOMAIN_ATTRIBUTES 284 285 /*! 286 * \brief SCMI Reset Domain Management Protocol Message Indices 287 */ 288 enum mod_res_voltage_domain_permissions_idx { 289 MOD_RES_PERMS_SCMI_VOLTD_DOMAIN_ATTRIBUTES_IDX = 290 MOD_SCMI_VOLTD_DOMAIN_ATTRIBUTES - MOD_RES_PERMS_VOLTD_PERMS_OFFSET, 291 MOD_RES_PERMS_SCMI_VOLTD_DESCRIBE_LEVELS_IDX = 292 MOD_SCMI_VOLTD_DESCRIBE_LEVELS - MOD_RES_PERMS_VOLTD_PERMS_OFFSET, 293 MOD_RES_PERMS_SCMI_VOLTD_CONFIG_SET_IDX = 294 MOD_SCMI_VOLTD_CONFIG_SET - MOD_RES_PERMS_VOLTD_PERMS_OFFSET, 295 MOD_RES_PERMS_SCMI_VOLTD_CONFIG_GET_IDX = 296 MOD_SCMI_VOLTD_CONFIG_GET - MOD_RES_PERMS_VOLTD_PERMS_OFFSET, 297 MOD_RES_PERMS_SCMI_VOLTD_LEVEL_SET_IDX = 298 MOD_SCMI_VOLTD_LEVEL_SET - MOD_RES_PERMS_VOLTD_PERMS_OFFSET, 299 MOD_RES_PERMS_SCMI_VOLTD_LEVEL_GET_IDX = 300 MOD_SCMI_VOLTD_LEVEL_GET - MOD_RES_PERMS_VOLTD_PERMS_OFFSET, 301 }; 302 303 /*! 304 * \brief SCMI Domain Types 305 */ 306 enum mod_res_domain_device_types { 307 MOD_RES_POWER_DOMAIN_DEVICE = 0, 308 MOD_RES_PERF_DOMAIN_DEVICE, 309 MOD_RES_CLOCK_DOMAIN_DEVICE, 310 MOD_RES_SENSOR_DOMAIN_DEVICE, 311 MOD_RES_RESET_DOMAIN_DEVICE, 312 MOD_RES_VOLTAGE_DOMAIN_DEVICE, 313 MOD_RES_PLATFORM_DOMAIN_DEVICE, 314 MOD_RES_DOMAIN_DEVICE_INVALID 315 }; 316 317 /*! 318 * \brief Each device is made up multiple domain devices. 319 * The protocol is determined by the device type. 320 * The resource ID for a protocol is the element ID of the 321 * device_id. 322 */ 323 struct mod_res_domain_device { 324 /*! \brief Identifier of the domain device instance */ 325 fwk_id_t device_id; 326 327 /*! \brief Type of the domain device instance */ 328 enum mod_res_domain_device_types type; 329 }; 330 331 /*! 332 * \brief Device definition. 333 */ 334 struct mod_res_device { 335 /*! \brief Device Identifier */ 336 uint16_t device_id; 337 338 /*! \brief List of domain devices in the device */ 339 struct mod_res_domain_device *domain_devices; 340 }; 341 342 /*! 343 * \brief SCMI Agent Permissions 344 * 345 * \details An agent may have any combination of the permissions 346 * tables set. 347 */ 348 struct mod_res_agent_permission { 349 /*! \brief Protocol permissions. */ 350 struct mod_res_agent_protocol_permissions *agent_protocol_permissions; 351 352 /*! \brief Protocol:Message permissions. */ 353 struct mod_res_agent_msg_permissions *agent_msg_permissions; 354 355 /*! \brief Power Domain:Resource permissions. */ 356 mod_res_perms_t *scmi_pd_perms; 357 358 /*! Performance:Resource permissions. */ 359 mod_res_perms_t *scmi_perf_perms; 360 361 /*! \brief Clock:Resource permissions. */ 362 mod_res_perms_t *scmi_clock_perms; 363 364 /*! \brief Sensor:Resource permissions. */ 365 mod_res_perms_t *scmi_sensor_perms; 366 367 #ifdef BUILD_HAS_MOD_SCMI_RESET_DOMAIN 368 /*! \brief Reset Domain:Resource permissions. */ 369 mod_res_perms_t *scmi_reset_domain_perms; 370 #endif 371 /*! \brief Voltage Domain:Resource permissions. */ 372 mod_res_perms_t *scmi_voltd_perms; 373 }; 374 375 /*! 376 * \brief Type of the interfaces exposed by the resource permissions module. 377 */ 378 enum mod_res_perms_api_idx { 379 MOD_RES_PERM_RESOURCE_PERMS, 380 MOD_RES_PERM_API_IDX_COUNT, 381 }; 382 383 /*! 384 * \brief Interfaces exposed by the resource permissions module. 385 */ 386 struct mod_res_permissions_api { 387 /*! 388 * \brief Check whether the agent has permission to access a protocol. 389 * 390 * \param agent_id identifier of the agent. 391 * \param protocol_id identifier of the protocol. 392 * 393 * \retval MOD_RES_PERMS_ACCESS_ALLOWED The agent has permissions to 394 * use the protocol. 395 * \retval MOD_RES_PERMS_ACCESS_DENIED The agent does not have 396 * permissions to use the protocol. 397 */ 398 enum mod_res_perms_permissions (*agent_has_protocol_permission)( 399 uint32_t agent_id, 400 uint32_t protocol_id); 401 402 /*! 403 * \brief Check whether the agent has permission to access a message. 404 * 405 * \param agent_id identifier of the agent. 406 * \param protocol_id identifier of the protocol. 407 * \param message_id identifier of the message. 408 * 409 * \retval MOD_RES_PERMS_ACCESS_ALLOWED The agent has permissions to 410 * use the protocol. 411 * \retval MOD_RES_PERMS_ACCESS_DENIED The agent does not have 412 * permissions to use the message. 413 */ 414 enum mod_res_perms_permissions (*agent_has_message_permission)( 415 uint32_t agent_id, 416 uint32_t protocol_id, 417 uint32_t message_id); 418 419 /*! 420 * \brief Check whether the agent has permission to access a resource. 421 * 422 * \param agent_id identifier of the agent. 423 * \param protocol_id identifier of the protocol. 424 * \param message_id identifier of the message. 425 * \param resource_id identifier of the resource. 426 * 427 * \retval MOD_RES_PERMS_ACCESS_ALLOWED The agent has permissions to 428 * use the protocol. 429 * \retval MOD_RES_PERMS_ACCESS_DENIED The agent does not have 430 * permissions to use the resource. 431 */ 432 enum mod_res_perms_permissions (*agent_has_resource_permission)( 433 uint32_t agent_id, 434 uint32_t protocol_id, 435 uint32_t message_id, 436 uint32_t resource_id); 437 438 /*! 439 * \brief Set device permissions for an agent 440 * 441 * \param agent_id identifier of the agent. 442 * \param device_id identifier of the device. 443 * \param flags permissions to set. 444 * 445 * \retval ::FWK_SUCCESS The operation has completed successfully. 446 * \retval ::FWK_E_ACCESS Unknown agent_id or device_id. 447 * \retval ::FWK_E_PARAM Invalid flags or protocol_ID. 448 */ 449 int (*agent_set_device_permission)( 450 uint32_t agent_id, 451 uint32_t device_id, 452 uint32_t flags); 453 454 /*! 455 * \brief Set device protocol permissions for an agent 456 * 457 * \param agent_id identifier of the agent. 458 * \param device_id identifier of the device. 459 * \param device_id identifier of the protocol. 460 * \param flags permissions to set. 461 * 462 * \retval ::FWK_SUCCESS The operation has completed successfully. 463 * \retval ::FWK_E_ACCESS Unknown agent_id or device_id. 464 * \retval ::FWK_E_PARAM Invalid flags or protocol_ID. 465 */ 466 int (*agent_set_device_protocol_permission)( 467 uint32_t agent_id, 468 uint32_t device_id, 469 uint32_t protocol_id, 470 uint32_t flags); 471 472 /*! 473 * \brief Reset permissions for an agent 474 * 475 * \param agent_id identifier of the agent. 476 * \param flags permissions to set. 477 * 478 * \retval ::FWK_SUCCESS The operation has completed successfully. 479 * \retval ::FWK_E_ACCESS Unknown agent_id. 480 * \retval ::FWK_E_PARAM Invalid flags. 481 */ 482 int (*agent_reset_config)(uint32_t agent_id, uint32_t flags); 483 }; 484 485 /*! 486 * \brief Resource Permissions module configuration data. 487 * 488 * \note If the agent_permissions table is not set in the config then no 489 * resource permissions are implemented. 490 */ 491 struct mod_res_resource_perms_config { 492 /*! \brief Number of agents on the platform. */ 493 uint32_t agent_count; 494 495 /*! \brief Number of SCMI protocols supported by the platform. */ 496 uint32_t protocol_count; 497 498 /*! \brief Number of clocks supported by the platform. */ 499 uint32_t clock_count; 500 501 /*! \brief Number of clock commands supported by the platform. */ 502 uint32_t clock_cmd_count; 503 504 /*! \brief Number of clock resources supported by the platform. */ 505 uint32_t clock_resource_count; 506 507 /*! \brief Number of sensors supported by the platform. */ 508 uint32_t sensor_count; 509 510 /*! \brief Number of sensor commands supported by the platform. */ 511 uint32_t sensor_cmd_count; 512 513 /*! \brief Number of sensor resources supported by the platform. */ 514 uint32_t sensor_resource_count; 515 516 /*! \brief Number of power domains supported by the platform. */ 517 uint32_t pd_count; 518 519 /*! \brief Number of power domain commands supported by the platform. */ 520 uint32_t pd_cmd_count; 521 522 /*! \brief Number of power domain resources supported by the platform. */ 523 uint32_t pd_resource_count; 524 525 /*! \brief Number of perf domains supported by the platform. */ 526 uint32_t perf_count; 527 528 /*! \brief Number of perf domain commands supported by the platform. */ 529 uint32_t perf_cmd_count; 530 531 /*! \brief Number of perf domain resources supported by the platform. */ 532 uint32_t perf_resource_count; 533 534 #ifdef BUILD_HAS_MOD_SCMI_RESET_DOMAIN 535 /*! \brief Number of reset domains supported by the platform. */ 536 uint32_t reset_domain_count; 537 538 /*! \brief Number of reset domain commands supported by the platform. */ 539 uint32_t reset_domain_cmd_count; 540 541 /*! \brief Number of reset domain resources supported by the platform. */ 542 uint32_t reset_domain_resource_count; 543 #endif 544 545 /*! \brief Number of voltage domains supported by the platform. */ 546 uint32_t voltd_count; 547 548 /*! \brief Number of voltage domain commands supported by the platform. */ 549 uint32_t voltd_cmd_count; 550 551 /*! \brief Number of voltage domain resources supported by the platform. */ 552 uint32_t voltd_resource_count; 553 554 /*! \brief Number of devices supported by the platform. */ 555 uint32_t device_count; 556 557 /*! \brief Address of the permissions table */ 558 uintptr_t agent_permissions; 559 560 /*! \brief Address of the domain devices */ 561 uintptr_t domain_devices; 562 }; 563 564 /*! 565 * \defgroup GroupResPerms Mapping 566 * 567 * \brief Resource Permissions Identifier Mapping. 568 * 569 * \details The Resource Permissions Identifier Checkin and Mapping functions 570 * are weak definitions to allow a platform to implement a function 571 * for mapping agent IDs, SCMI protocol IDs and SCMI Message IDs 572 * appropriate to that platform. The permissons checking functions 573 * may also be implemented. The Resource Permissions Identifier 574 * Mapping/Checking functions may be overridden in the 575 * `product/<platform>/src` directory. 576 * This may be useful for platforms with non-contiguous or 577 * platform-specific agent:protocol:command identifiers. 578 * 579 * \{ 580 */ 581 582 /*! 583 * \brief Resource Permissions Map Agent ID to index. 584 * 585 * \details This function maps an Agent ID to an index in the 586 * resource permissions table. 587 * 588 * The Resource Permissions Mapping handlers have default 589 * weak implementations that allow a platform to implement 590 * a policy appropriate for that platform. 591 * 592 * \param[out] agent_idx Index for agent. 593 * \param[in] agent_id Identifier of the agent. 594 * 595 * \retval ::FWK_SUCCESS The operation succeeded. 596 * 597 * \return Status code representing the result of the operation. 598 */ 599 int mod_res_agent_id_to_index(uint32_t agent_id, uint32_t *agent_idx); 600 601 /*! 602 * \brief Resource Permissions Map Protocol ID to index. 603 * 604 * \details This function maps an SCMI Protocol ID to an index in the 605 * resource permissions table. 606 * 607 * The Resource Permissions Mapping handlers have default 608 * weak implementations that allow a platform to implement 609 * a policy appropriate for that platform. 610 * 611 * \param[out] protocol_idx Index for protocol. 612 * \param[in] protocol_id Identifier of the Protocol. 613 * 614 * \retval ::FWK_SUCCESS The operation succeeded. 615 * 616 * \return Status code representing the result of the operation. 617 */ 618 int mod_res_plat_protocol_id_to_index( 619 uint32_t protocol_id, 620 uint32_t *protocol_idx); 621 622 /*! 623 * \brief Resource Permissions Map Message ID to index. 624 * 625 * \details This function maps an SCMI Message ID to an index in the 626 * resource permissions table. 627 * 628 * The Resource Permissions Mapping handlers have default 629 * weak implementations that allow a platform to implement 630 * a policy appropriate for that platform. 631 * 632 * \param[out] message_idx Index for message. 633 * \param[in] protocol_id Identifier of the Protocol. 634 * \param[in] message_id Identifier of the Message. 635 * 636 * \retval ::FWK_SUCCESS The operation succeeded. 637 * 638 * \return Status code representing the result of the operation. 639 */ 640 int mod_res_plat_message_id_to_index( 641 uint32_t protocol_id, 642 uint32_t message_id, 643 int32_t *message_idx); 644 645 /*! 646 * \brief Resource Permissions Map Resource ID to index. 647 * 648 * \details This function maps an SCMI Resource ID to an index in the 649 * resource permissions table. 650 * 651 * The Resource Permissions Mapping handlers have default 652 * weak implementations that allow a platform to implement 653 * a policy appropriate for that platform. 654 * 655 * \param[out] resource_idx Index for resource. 656 * \param[in] agent_id Identifier of the Agent. 657 * \param[in] protocol_id Identifier of the Protocol. 658 * \param[in] message_id Identifier of the Message. 659 * \param[in] resource_id Identifier of the Resource. 660 * 661 * \retval ::FWK_SUCCESS The operation succeeded. 662 * 663 * \return Status code representing the result of the operation. 664 */ 665 int mod_res_plat_resource_id_to_index( 666 uint32_t agent_id, 667 uint32_t protocol_id, 668 uint32_t message_id, 669 uint32_t resource_id, 670 int32_t *resource_idx); 671 672 /*! 673 * \brief Check whether the agent has permission to access a protocol. 674 * 675 * \param agent_id identifier of the agent. 676 * \param protocol_id identifier of the protocol. 677 * 678 * \retval MOD_RES_PERMS_ACCESS_ALLOWED The agent has permissions to 679 * use the protocol. 680 * \retval MOD_RES_PERMS_ACCESS_DENIED The agent does not have 681 * permissions to use the protocol. 682 */ 683 enum mod_res_perms_permissions mod_res_plat_agent_protocol_permission( 684 uint32_t agent_id, 685 uint32_t protocol_id); 686 687 /*! 688 * \brief Check whether the agent has permission to access a message. 689 * 690 * \param agent_id identifier of the agent. 691 * \param protocol_id identifier of the protocol. 692 * \param message_id identifier of the message. 693 * 694 * \retval MOD_RES_PERMS_ACCESS_ALLOWED The agent has permissions to 695 * use the protocol. 696 * \retval MOD_RES_PERMS_ACCESS_DENIED The agent does not have 697 * permissions to use the message. 698 */ 699 enum mod_res_perms_permissions mod_res_plat_agent_message_permission( 700 uint32_t agent_id, 701 uint32_t protocol_id, 702 uint32_t message_id); 703 704 /*! 705 * \brief Check whether the agent has permission to access a resource. 706 * 707 * \param agent_id identifier of the agent. 708 * \param protocol_id identifier of the protocol. 709 * \param message_id identifier of the message. 710 * \param resource_id identifier of the resource. 711 * 712 * \retval MOD_RES_PERMS_ACCESS_ALLOWED The agent has permissions to 713 * use the protocol. 714 * \retval MOD_RES_PERMS_ACCESS_DENIED The agent does not have 715 * permissions to use the resource. 716 */ 717 enum mod_res_perms_permissions mod_res_plat_agent_resource_permissions( 718 uint32_t agent_id, 719 uint32_t protocol_id, 720 uint32_t message_id, 721 uint32_t resource_id); 722 723 /*! 724 * \} 725 */ 726 727 #endif /* MOD_SCMI_RESOURCE_PERMISSIONS_H */ 728